[Curdle] New Version Notification for draft-kampanakis-curdle-pq-ssh-00.txt

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Wed, 21 October 2020 18:49 UTC

From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: "curdle@ietf.org" <curdle@ietf.org>
CC: Douglas Stebila <dstebila@uwaterloo.ca>, "Panos Kampanakis (pkampana)" <pkampana@cisco.com>, Dimitrios Sikeridis <dsike@unm.edu>, Markus Friedl <markus@openbsd.org>, Torben Hansen <htorben@amazon.com>
Date: Wed, 21 Oct 2020 18:49:50 +0000
Message-ID: <BN7SPR01MB00242E76BD421378AF46B576C91C0@BN7SPR01MB0024.namprd11.prod.outlook.com>
References: <160330301424.31060.12468739416056590425@ietfa.amsl.com>
In-Reply-To: <160330301424.31060.12468739416056590425@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/OuV8PhqjwJXEX6LFYfbi5ZPI6c4>
Subject: [Curdle] New Version Notification for draft-kampanakis-curdle-pq-ssh-00.txt

Hi all,

This draft introduces post-quantum (PQ) algorithms to SSH. It includes Hybrid 
Key exchange messages for SSH and hybrid key exchange and PQ signature 
methods.

Note that we do not want to standardize anything before NIST has standardized 
the first PQ algorithms. We are following a similar approach to what the TLS 
WG is doing with https://tools.ietf.org/html/draft-ietf-tls-hybrid-design . 
They will not ratify the draft before NIST's PQ Round 3 has concluded (in 18 
months or so) so they can pick an algorithm.

draft-kampanakis-curdle-pq-ssh takes a different approach from 
draft-kario-gss-qr-kex which was submitted recently. Basically I feel that a 
new SSH draft would definitely not be ratified in less than 2 years, so there 
is ample time to work on the details and come up with the actual SSH PQ 
identifiers after NIST has the first standardized algorithms.

Note that the industry has done experimental work with SSH performance with PQ 
algorithms (using OQS OpenSSH). Some preliminary results of ours are here 
https://blogs.cisco.com/security/tls-ssh-performance-pq-kem-auth and a 
conference paper will be published in December with more detailed results. So, 
we kind of know which algorithms seem more promising from NIST's Round 3 
algorithm Finalists. In other words, we can start the work now, instead of 
waiting for NIST Round 3 to conclude.

I know PQ algorithms in SSH are not in CURDLE's Charter right now, so this 
work may require re-chartering if the WG thought it is worth pursuing.

Thoughts welcome.

Rgs,
Panos



-----Original Message-----
From: internet-drafts@ietf.org <internet-drafts@ietf.org>
Sent: Wednesday, October 21, 2020 1:57 PM
To: Douglas Stebila <dstebila@uwaterloo.ca>; Panos Kampanakis (pkampana) 
<pkampana@cisco.com>; Dimitrios Sikeridis <dsike@unm.edu>; Douglas Steblia 
<dstebila@uwaterloo.ca>; Markus Friedl <markus@openbsd.org>; Torben Hansen 
<htorben@amazon.com>
Subject: New Version Notification for draft-kampanakis-curdle-pq-ssh-00.txt


A new version of I-D, draft-kampanakis-curdle-pq-ssh-00.txt
has been successfully submitted by Panos Kampanakis and posted to the IETF 
repository.

Name:           draft-kampanakis-curdle-pq-ssh
Revision:       00
Title:          Post-quantum public key algorithms for the Secure Shell (SSH) protocol
Document date:  2020-10-21
Group:          Individual Submission
Pages:          13
URL:            https://www.ietf.org/archive/id/draft-kampanakis-curdle-pq-ssh-00.txt
Status:         https://datatracker.ietf.org/doc/draft-kampanakis-curdle-pq-ssh/
Html:           https://www.ietf.org/archive/id/draft-kampanakis-curdle-pq-ssh-00.html
Htmlized:       https://tools.ietf.org/html/draft-kampanakis-curdle-pq-ssh-00


Abstract:
   This document defines hybrid key exchange methods based on classical
   ECDH key exchange and post-quantum key encapsulation schemes.  These
   methods are defined for use in the SSH Transport Layer Protocol.  It
   also defines post-quantum public key authentication methods based on
   post-quantum signature schemes.  These methods are defined for use in
   the SSH Authentication Protocol.

Note

   EDNOTE: The goal of this draft is to start the standardization of PQ
   algorithms in SSH early to mitigate the potential record-and-harvest-later
   attacks with a quantum computer.  This draft is not expected to
   be finalized before the NIST PQ Project has standardized PQ
   algorithms.  After NIST has standardized then this document will
   replace TBD1, TBD3 with the appropriate algorithms and parameters
   before proceeding to ratification.

   EDNOTE: Discussion of this work is encouraged to happen on the IETF
   WG Mailing List or in the GitHub repository which contains the draft:
   https://github.com/csosto-pk/pq-ssh/issues .

   *Change Log* [EDNOTE: Remove before publication].

   draft-kampanakis-curdle-pq-ssh-00
      *  Initial draft




Please note that it may take a couple of minutes from the time of submission 
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat