[Curdle] New Version Notification for draft-kampanakis-curdle-pq-ssh-00.txt
"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Wed, 21 October 2020 18:49 UTC
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: "curdle@ietf.org" <curdle@ietf.org>
CC: Douglas Stebila <dstebila@uwaterloo.ca>, "Panos Kampanakis (pkampana)" <pkampana@cisco.com>, Dimitrios Sikeridis <dsike@unm.edu>, Markus Friedl <markus@openbsd.org>, Torben Hansen <htorben@amazon.com>
Date: Wed, 21 Oct 2020 18:49:50 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/OuV8PhqjwJXEX6LFYfbi5ZPI6c4>
Hi all,

This draft introduces post-quantum (PQ) algorithms to SSH. It includes Hybrid Key exchange messages for SSH and hybrid key exchange and PQ signature methods.

Note that we do not want to standardize anything before NIST has standardized the first PQ algorithms. We are following a similar approach to what the TLS WG is doing with https://tools.ietf.org/html/draft-ietf-tls-hybrid-design . They will not ratify the draft before NIST's PQ Round 3 has concluded (in 18 months or so) so they can pick an algorithm.

draft-kampanakis-curdle-pq-ssh takes a different approach from draft-kario-gss-qr-kex which was submitted recently. Basically I feel that a new SSH draft would definitely not be ratified in less than 2 years, so there is ample time to work on the details and come up with the actual SSH PQ identifiers after NIST has the first standardized algorithms.

Note that the industry has done experimental work with SSH performance with PQ algorithms (using OQS OpenSSH). Some preliminary results of ours are here https://blogs.cisco.com/security/tls-ssh-performance-pq-kem-auth and a conference paper will be published in December with more detailed results. So, we kind of know which algorithms seem more promising from NIST's Round 3 algorithm Finalists. In other words, we can start the work now, instead of waiting for NIST Round 3 to conclude.

I know PQ algorithms in SSH are not in CURDLE's Charter right now, so this work may require re-chartering if the WG thought it is worth pursuing. Thoughts welcome.

Rgs,
Panos

-----Original Message-----
From: internet-drafts@ietf.org <internet-drafts@ietf.org>
Sent: Wednesday, October 21, 2020 1:57 PM
To: Douglas Stebila <dstebila@uwaterloo.ca>; Panos Kampanakis (pkampana) <pkampana@cisco.com>; Dimitrios Sikeridis <dsike@unm.edu>; Douglas Steblia <dstebila@uwaterloo.ca>; Markus Friedl <markus@openbsd.org>; Torben Hansen <htorben@amazon.com>
Subject: New Version Notification for draft-kampanakis-curdle-pq-ssh-00.txt

A new version of I-D, draft-kampanakis-curdle-pq-ssh-00.txt has been successfully submitted by Panos Kampanakis and posted to the IETF repository.

Name: draft-kampanakis-curdle-pq-ssh
Revision: 00
Title: Post-quantum public key algorithms for the Secure Shell (SSH) protocol
Document date: 2020-10-21
Group: Individual Submission
Pages: 13
URL: https://www.ietf.org/archive/id/draft-kampanakis-curdle-pq-ssh-00.txt
Status: https://datatracker.ietf.org/doc/draft-kampanakis-curdle-pq-ssh/
Html: https://www.ietf.org/archive/id/draft-kampanakis-curdle-pq-ssh-00.html
Htmlized: https://tools.ietf.org/html/draft-kampanakis-curdle-pq-ssh-00

Abstract:
This document defines hybrid key exchange methods based on classical ECDH key exchange and post-quantum key encapsulation schemes. These methods are defined for use in the SSH Transport Layer Protocol. It also defines post-quantum public key authentication methods based on post-quantum signature schemes. These methods are defined for use in the SSH Authentication Protocol.

Note

EDNOTE: The goal of this draft is to start the standardization of PQ algorithms in SSH early to mitigate the potential record-and-harvest later with a quantum computer attacks. This draft is not expected to be finalized before the NIST PQ Project has standardized PQ algorithms. After NIST has standardized then this document will replace TBD1, TBD3 with the appropriate algorithms and parameters before proceeding to ratification.

EDNOTE: Discussion of this work is encouraged to happen on the IETF WG Mailing List or in the GitHub repository which contains the draft: https://github.com/csosto-pk/pq-ssh/issues .

*Change Log* [EDNOTE: Remove before publication].

draft-kampanakis-curdle-pq-ssh-00
* Initial draft

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat