[Curdle] Review of draft-ietf-curdle-cms-eddsa-signatures-03

Jim Schaad <ietf@augustcellars.com> Wed, 29 March 2017 15:50 UTC

From: Jim Schaad <ietf@augustcellars.com>
To: draft-ietf-curdle-cms-eddsa-signatures@ietf.org
CC: curdle@ietf.org
Date: Wed, 29 Mar 2017 10:50:09 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/1jwb3UYqmB1mgHw-y4pYBQoNvhY>

Section 3.1 - I would like to have a brief discussion on the integer value
that is being used with the id-shake256-len OID when it is being used as a
digest algorithm.  The value of 512 means that the signature security is
going to be the same as is currently set up for Ed25519.  To have the same
dynamic as Ed25519 does, this should be 448*2 so that after birthday attacks
the same size of value would be provided.

Section 4 - I think that it should also be highlighted that this is a
greater problem when using the Signed-data without signed attributes as
the value signed is more constrained in the other case.


Jim