Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01

"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Wed, 20 December 2017 14:15 UTC

Return-Path: <smyshsv@gmail.com>
X-Original-To: crypto-panel@ietfa.amsl.com
Delivered-To: crypto-panel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A5BE12DA15 for <crypto-panel@ietfa.amsl.com>; Wed, 20 Dec 2017 06:15:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UfHCytpE_tcT for <crypto-panel@ietfa.amsl.com>; Wed, 20 Dec 2017 06:15:43 -0800 (PST)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A715126CD6 for <crypto-panel@irtf.org>; Wed, 20 Dec 2017 06:15:43 -0800 (PST)
Received: by mail-qk0-x22d.google.com with SMTP id c85so12681525qkh.13 for <crypto-panel@irtf.org>; Wed, 20 Dec 2017 06:15:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=BaEOsksbSHphKkePWJtCBO39OI4HdXmrXBmfEXFyUvs=; b=QDRGupb9ZvL2N+7yQeWDzrVDbUfBnFKtHqAW3L2/y8C5V/8LIqyBjSToPaaRikQFlY DVxecJ2XtJKGSWFDrzJlJ0A9JWUIAF+ekC0wa1wcLcWPsWfXNQbJWzorelH7yKKrobiO d2w7EAVGlEX4cD6UN8jOHcpXImR67oN5FNoNQQLoewUqaiHcFbjdhp3MZKdEFut9e2Nn 83eD1CndIqAeOS6QxUPmdGDajgHUA3ysnAupkp07g0Li7jNXs1lqSlysodTN/0E+f8hf GqbtRiLSZtKFtxAMA8IPB4QP5/skArPfhx6v3NspoFBcS1R0TE7MEGY1lUCPaIWQYkzG d4CQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=BaEOsksbSHphKkePWJtCBO39OI4HdXmrXBmfEXFyUvs=; b=A/L9ayFYTlZgqDR7wjBxav0fwTuxLbprvM/Gpv9YtpdMcU7T7qKCzQLAXVR8t9BWI1 44f7fp01JyM6n/ilcbQ28iNG+SvhQdMp+1+UtrbF2ia1DAvH+gqrgh+/y+Mr7bDqdWqj KOpCY7wKd5SbvwoLhoFNWQhttEdQAwD7QaypWbGERRj4E5hf0YLVuHYBhrFm/mCGqR5p kJMmBrToaclZO1dhEJ20VuOE8TGqZD8RYMk1PMzTqn2a+UcqKtNBQtksHLXDHQjkG0dK 1xVZWTLPPnYRMaPfhJo2l5WyFTlyBZ3iNTzRD1dWoukCqE5Jwcvwg8ZUpQgKrZ77AXSH Jz+w==
X-Gm-Message-State: AKGB3mLXkvbtwHt0Yp5k1IWaY+xhMpNCPYeVmzbB3BDSoKS/8N5S+HA/ fXIWXo0NCyllqJCcEQxaom0kzmeyN7TAcJPf0Ng=
X-Google-Smtp-Source: ACJfBovIPeeuzo9iu1XAUmqJu6lb2A9mXMecpnBtcrA+sUO05WfCwsh6S4Uqo0HQl3tvZH7UcekGUP4cczvsUfRjJa4=
X-Received: by 10.55.5.133 with SMTP id 127mr10063167qkf.102.1513779342115; Wed, 20 Dec 2017 06:15:42 -0800 (PST)
MIME-Version: 1.0
Received: by 10.12.142.139 with HTTP; Wed, 20 Dec 2017 06:15:41 -0800 (PST)
In-Reply-To: <CAMr0u6=6hL2B8OcKkn4E8ivMw9Ta90NrVb7qm_t6_7qj5x4c4g@mail.gmail.com>
References: <56db317a-07ad-0ad4-b1d1-31f12283115e@isode.com> <CAMr0u6nk5xo18Y93uWXKvXsbKX8o7pVx-MWrumvQnkYERPgbpw@mail.gmail.com> <E6993497-43A6-4CB2-866E-D5AF55E1D168@ribose.com> <CAMr0u6kk4HDKUKJqt3WPjO3jX+B4BoiidTQvdr7k7TLDqcG0-A@mail.gmail.com> <087A0995-B344-4CBE-B300-D2431F1E5552@ribose.com> <CAMr0u6kCzMeZgLALSoWxggMH6A=ou9U05umFLHGvT6MLdeSwng@mail.gmail.com> <23B65052-E3DC-4553-B729-BE1CE0899C62@ribose.com> <CAMr0u6=6hL2B8OcKkn4E8ivMw9Ta90NrVb7qm_t6_7qj5x4c4g@mail.gmail.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Wed, 20 Dec 2017 17:15:41 +0300
Message-ID: <CAMr0u6mqyUjbtVoq=uqK7js16ou-py0Qy29ixmR37upz7xRXtw@mail.gmail.com>
To: Ronald Tse <tse@ribose.com>
Cc: Alexey Melnikov <alexey.melnikov@isode.com>, "crypto-panel@irtf.org" <crypto-panel@irtf.org>, Nancy Cam-Winget <ncamwing@cisco.com>, "draft-ribose-openpgp-oscca.authors@ietf.org" <draft-ribose-openpgp-oscca.authors@ietf.org>, Tim Polk <tim.polk@nist.gov>, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
Content-Type: multipart/alternative; boundary="001a114c8cacf48d270560c637f0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/crypto-panel/fjqbTO7H5Pp8rZ6g8SnXHjiSDQQ>
Subject: Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01
X-BeenThere: crypto-panel@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <crypto-panel.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/crypto-panel>, <mailto:crypto-panel-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/crypto-panel/>
List-Post: <mailto:crypto-panel@irtf.org>
List-Help: <mailto:crypto-panel-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/crypto-panel>, <mailto:crypto-panel-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Dec 2017 14:15:47 -0000

It should occur in the list later though, after approval:



*Your mail to 'Cfrg' with the subject*








*    Re: [Cfrg] Review request for SM4 block cipher
draft:draft-ribose-cfrg-sm4-00Is being held until the list moderator can
review it for approval.The reason it is being held:    Message body is too
big: 42875 bytes with a limit of 40 KB*


Best regards,

Stanislav

2017-12-20 17:13 GMT+03:00 Stanislav V. Smyshlyaev <smyshsv@gmail.com>om>:

> Dear colleagues,
>
> The review has been posted to the CFRG mailing list.
>
> P.S.: Ronald, I'll be happy to make an additional review after you finish
> updating the SM2 I-D with design rationale and a summary of published
> analysis results. Nevertheless, I've included my own summary of the
> published results of SM2 to my review.
>
> Best regards,
> Stanislav
>
>
>
>
> 2017-11-29 21:24 GMT+03:00 Ronald Tse <tse@ribose.com>om>:
>
>> Hi Stanislav,
>>
>> Fully understand. Thank you again for your help!
>>
>> Ron
>>
>> _____________________________________
>>
>> Ronald Tse
>> Ribose Inc.
>>
>> +=========================================================+
>> This message may contain confidential and/or privileged
>> information.  If you are not the addressee or authorized to
>> receive this for the addressee, you must not use, copy,
>> disclose or take any action based on this message or any
>> information herein.  If you have received this message in
>> error, please advise the sender immediately by reply e-mail
>> and delete this message.  Thank you for your cooperation.
>> +=========================================================+
>>
>> On Nov 29, 2017, at 9:23 PM, Stanislav V. Smyshlyaev <smyshsv@gmail.com>
>> wrote:
>>
>> Dear Ronald,
>>
>> Thank you very much for the links!
>> The review is conducted by Crypto Review Panel, thus the analysis is
>> being done more from the cryptographic perspective, and the current state
>> of the analysis of the proposed mechanisms is taken into account.
>>
>> Best regards,
>> Stanislav
>>
>>
>> 2017-11-28 19:28 GMT+03:00 Ronald Tse <tse@ribose.com>om>:
>>
>>> Dear Stanislav,
>>>
>>> You are absolutely right. Here are the IETF drafts of SM2, SM3 and SM4
>>> (they are referred to within this draft, too):
>>>
>>> SM2: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
>>> SM3: https://tools.ietf.org/html/draft-oscca-cfrg-sm3-02
>>> SM4: https://tools.ietf.org/html/draft-ribose-cfrg-sm4-05
>>>
>>> The SM3 and SM4 drafts contain both a design rationale and a
>>> cryptanalysis section. Specifically, the cryptanalysis section contain
>>> bibliography references with links to research publications of the latest
>>> cryptanalysis results (English + Chinese). Most of these results are freely
>>> available in English (Google Scholar).
>>>
>>> As a matter of fact, we are currently updating the SM2 draft to provide
>>> the same level of detail as the other two.
>>>
>>> I’d just like to clarify that the current review is purely on the
>>> OpenPGP side of things. That said, we have previously requested a CFRG
>>> review of the SM4 draft too, so if you have some time to review that draft,
>>> it would be even more awesome :-)
>>>
>>> Hope this helps!
>>>
>>> Kind regards,
>>> Ron
>>>
>>> _____________________________________
>>>
>>> Ronald Tse
>>> Ribose Inc.
>>>
>>> On Nov 29, 2017, at 12:08 AM, Stanislav V. Smyshlyaev <smyshsv@gmail.com>
>>> wrote:
>>>
>>> Dear Ronald,
>>>
>>> Since the document is dedicated to the algorithms and elliptic curve
>>> parameters, it would be very helpful if you could point at papers with
>>> their analysis in English, if some of them are not publicly available (or
>>> could not be easily found via public resources). Also, it will be extremely
>>> important if you could provide some materials with design rationale of the
>>> algorithms and parameters presented in the I-D.
>>>
>>> Of course, full cryptanalysis from a scratch is impossible to be made as
>>> a part of review, so all known results/attacks/notes on design
>>> rationale/results of evaluation of curve parameters will be very important
>>> for making the review(s) as objective as possible.
>>>
>>> Best regards,
>>> Stanislav Smyshlyaev, Ph.D.
>>> Head of Information Security Department,
>>> CryptoPro LLC
>>>
>>>
>>>
>>> 2017-11-28 18:47 GMT+03:00 Ronald Tse <tse@ribose.com>om>:
>>>
>>>> Dear Stanislav,
>>>>
>>>> Thank you very much for performing the review. Look forward to it!
>>>>
>>>> Kind regards,
>>>> Ron
>>>>
>>>> _____________________________________
>>>>
>>>> Ronald Tse
>>>> Ribose Inc.
>>>>
>>>> On Nov 28, 2017, at 11:21 PM, Stanislav V. Smyshlyaev <
>>>> smyshsv@gmail.com> wrote:
>>>>
>>>> Dear Alexey,
>>>>
>>>> I'll be happy to do this.
>>>>
>>>> Will it be OK, if I provide a review by the 20th of December?
>>>>
>>>> Best regards,
>>>>
>>>> Stanislav
>>>>
>>>>
>>>> 2017-11-28 17:02 GMT+03:00 Alexey Melnikov <alexey.melnikov@isode.com>om>:
>>>>
>>>>> Dear Crypto Panel,
>>>>>
>>>>> SAAG’s SECDISPATCH chairs have requested review of
>>>>> <https://datatracker.ietf.org/doc/draft-ribose-openpgp-oscca/>
>>>>> before the document fate will be decided (it is likely to end up in
>>>>> the CURDLE WG).
>>>>>
>>>>> Can we have some volunteer(s) please?
>>>>>
>>>>> The draft Abstract is:
>>>>>
>>>>>    This document enables OpenPGP (RFC4880) usage in an compliant manner
>>>>>    with OSCCA (Office of State Commercial Cipher Administration)
>>>>>    regulations for use within China.
>>>>>
>>>>>    Specifically, it extends OpenPGP to support the usage of SM2, SM3
>>>>> and
>>>>>    SM4 algorithms, and provides the OSCCA-compliant OpenPGP profile
>>>>>    "OSCCA-SM234".
>>>>>
>>>>>
>>>>> Thank you,
>>>>> Alexey
>>>>>
>>>>> _______________________________________________
>>>>> Crypto-panel mailing list
>>>>> Crypto-panel@irtf.org
>>>>> https://www.irtf.org/mailman/listinfo/crypto-panel
>>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>