Re: [Curdle] XMSS for SSH
"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Fri, 08 November 2019 00:27 UTC
Return-Path: <pkampana@cisco.com>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D260D1200C4 for <curdle@ietfa.amsl.com>; Thu, 7 Nov 2019 16:27:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=b4WA6et9; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=qtjiTaa8
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kYeREL2PWjEe for <curdle@ietfa.amsl.com>; Thu, 7 Nov 2019 16:27:19 -0800 (PST)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88712120018 for <curdle@ietf.org>; Thu, 7 Nov 2019 16:27:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1130; q=dns/txt; s=iport; t=1573172839; x=1574382439; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=kCK8mIeJTjO0ZAJogWMG7gRU+iHf2OeaLF99YmGduaw=; b=b4WA6et9pSW6HtFy7a7azAT0Xv7ZUfTu03n5zxTh0msJM2Ih/nG1Hmoy dKnwiXJ6U8Y1IgjkEn5P33mFtCkRm9ymOY4BJeuAeRVEGtSPl29tXng+B sW/4zVfgJxUAhYGfOOM6AjAaayS8XpbzjNUO8nbGVz4pup8KeUYJbkeb/ s=;
IronPort-PHdr: 9a23:j2KCjhDJFMoS7ewmS5/wUyQJPHJ1sqjoPgMT9pssgq5PdaLm5Zn5IUjD/qs03kTRU9Dd7PRJw6rNvqbsVHZIwK7JsWtKMfkuHwQAld1QmgUhBMCfDkiuNP3jajQzGs1qX15+9Hb9Ok9QS47z
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0DZAQBCtcRd/4kNJK1lGwEBAQEBAQEFAQEBEQEBAwMBAQGBfoFLKScFbFggBAsqh28DiwKCXpd+glIDVAkBAQEMAQEYCwoCAQGDe0UChA4kOBMCAwsBAQQBAQECAQUEbYU3DIVRAQEBAQMBARAoBgEBLAsBCwQCAQgRBAEBHxAnCx0IAgQBDQUIGoMBgkYDLgECDKdfAoE4iGCCJ4J+AQEFgTgCg08YghcDBoE2jBQYgUA/gRFGgkw+gmIBAQOBYINAgiyNUqA2CoIkhxeFV4humXKORogxkTkCBAIEBQIOAQEFgWkigVhwFTuCbFARFFePX4EnAQiCQ4UUhT90gSiQEgEB
X-IronPort-AV: E=Sophos;i="5.68,279,1569283200"; d="scan'208";a="661851300"
Received: from alln-core-4.cisco.com ([173.36.13.137]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 08 Nov 2019 00:27:18 +0000
Received: from XCH-RCD-017.cisco.com (xch-rcd-017.cisco.com [173.37.102.27]) by alln-core-4.cisco.com (8.15.2/8.15.2) with ESMTPS id xA80RICX022235 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 8 Nov 2019 00:27:18 GMT
Received: from xhs-rtp-003.cisco.com (64.101.210.230) by XCH-RCD-017.cisco.com (173.37.102.27) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 7 Nov 2019 18:27:17 -0600
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by xhs-rtp-003.cisco.com (64.101.210.230) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Thu, 7 Nov 2019 19:27:16 -0500
Received: from NAM05-CO1-obe.outbound.protection.outlook.com (72.163.14.9) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Thu, 7 Nov 2019 18:27:16 -0600
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Uj1TdT37QdnC4t4EWGNWpzvHLDUQSBHJEQ+ZBPHSH1rxnMipFWWE8vxggjKA31ZBAqNxl59bopjKE7BkOaDVO2nHfjX+WlVqo8jICYDddlx4iMxu43Yh4u6PdsTVfoz0/AeWzkjJJkqeDPPu87R8Yz5IDixhkE1GFYRO9iBWxxPZKzK4Bp13wPsDuigZpOQrSET3akgKGIDH68ghz6TIGmcu2rnTlI2V3T3ZOh28umjbxSuPQtvzVAn1NZgpHELF5bnYotXjG3A9+RWkowm84KOnbN40CaVT8R/63h8a7+3cIYAYTtTv8mHRvQCH+Z1tFM2sIRJJXpM9UxvYfzKFBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IXMhOj7PNA6zzccha2eWR65ul7HwaLJixARAPLdt4t4=; b=PYvtxqJyccMbTlUCDogvfk5Q91U0WrUV9NKF73/DR3D51oRNDCrpQ5PPgidwmAEaCTVxucTLf//md2XiQd2KiGJOMfvz0BFxRPSByPqcmP3x1nSqMRjLO6CDxxKsBRCWLT0Nmw4X47QMcW5dIzRyNLsfTvmctf8Ig9+tqQSB/jqelQNOZePbb8qy9rp8h86Qa4WD3fRXx9ZA/Ff2w5NItNR3Z1URo9Vf0mjb630gaSR7GD3Rnp0ccpf5gfM/EBMACT8ktyBwcgLdt6w6upd8eSi+kbmwUQgglL4gt5wl87JiZ43X7gP5Kba2yaVsG55Amfl8wajyNuny6FXFj6rpKw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IXMhOj7PNA6zzccha2eWR65ul7HwaLJixARAPLdt4t4=; b=qtjiTaa8kNpZzwjtWNPbrwebYg0ieySqNypYwAymGpF0RcLwY7oFbsuXAfNxzDGa9989Ivg0d3lqVvHifjDvKOFsMa7uCra1aM5NVtkJrAO+7zYcVtQlGKebX1XCwJJU1DkviRl3q8jSyy/q0liBdjJBETW4pEJ+R3xsYqGZG4w=
Received: from BN7PR11MB2547.namprd11.prod.outlook.com (52.135.255.146) by BN7PR11MB2593.namprd11.prod.outlook.com (52.135.253.155) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2430.20; Fri, 8 Nov 2019 00:27:15 +0000
Received: from BN7PR11MB2547.namprd11.prod.outlook.com ([fe80::5c82:bb6a:d0f0:b802]) by BN7PR11MB2547.namprd11.prod.outlook.com ([fe80::5c82:bb6a:d0f0:b802%6]) with mapi id 15.20.2430.020; Fri, 8 Nov 2019 00:27:15 +0000
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Loganaden Velvindron <loganaden@gmail.com>, curdle <curdle@ietf.org>
CC: "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>, "David McGrew (mcgrew)" <mcgrew@cisco.com>
Thread-Topic: [Curdle] XMSS for SSH
Thread-Index: AQHVk6HPMLTSdMxhS0if+0+peTDYK6eAbk+Q
Date: Fri, 08 Nov 2019 00:27:15 +0000
Message-ID: <BN7PR11MB2547D7EEC8BEE18AD7027C88C97B0@BN7PR11MB2547.namprd11.prod.outlook.com>
References: <CAOp4FwSh_4RxazGOnx4CQXYiaDodGxMprnv02xL3u-oC4NX2rA@mail.gmail.com>
In-Reply-To: <CAOp4FwSh_4RxazGOnx4CQXYiaDodGxMprnv02xL3u-oC4NX2rA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pkampana@cisco.com;
x-originating-ip: [2001:420:c0c8:1004::7ba]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c9eb0f02-489e-46c2-2908-08d763e26823
x-ms-traffictypediagnostic: BN7PR11MB2593:
x-ms-exchange-purlcount: 3
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <BN7PR11MB25932ACD84F900110461AAFCC97B0@BN7PR11MB2593.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7219;
x-forefront-prvs: 0215D7173F
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(396003)(136003)(346002)(376002)(366004)(199004)(189003)(13464003)(2906002)(54906003)(110136005)(316002)(66476007)(229853002)(66446008)(66946007)(86362001)(53546011)(102836004)(14454004)(66556008)(8936002)(76176011)(99286004)(7696005)(9686003)(55016002)(64756008)(11346002)(33656002)(6116002)(6436002)(6506007)(76116006)(6306002)(446003)(6246003)(5660300002)(4326008)(476003)(71190400001)(81156014)(46003)(81166006)(7736002)(478600001)(966005)(486006)(25786009)(74316002)(305945005)(71200400001)(256004)(186003)(107886003)(52536014)(8676002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN7PR11MB2593; H:BN7PR11MB2547.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: /YmAVDO7qKhxtCrLStIM96ugxstaZU0VxA2/wssV5x7U3Y87EKX3B4VDgLMJQNlQ1aoocitqiLzKgENne0c0TfBsdNFk2w6cDgCA1spx5bvsFOhVC5duQHjkeXbV8+kv6I0OQg7MRuHIdV6YeFEhLa2jA8ui+YRhL+SwyYOBkEZNfQEhCFERpSWc+WM8fQSRLWiUAZYGRDtuBFxENvbvz3dcEvYWAgTz8Y+fdX5Fg/29fVZ4vYk0WB2wFiwIuZYkhIl//d2rWTZ3Pg7UR3wZBXSoJUFXujj8vMwtrAyuDEyG4mgJ/ydbsHLfd1JWa3OkQIlrhNoFLk3aZ6HpDvqDxc2dS6cdrKCh9wxfGflGP2D7XVWj6x3btgPB4/aWoymmbLc2p2TcuBPVp8aHLUndVporDI4mBoio4x4kyFQLB2SsqDhI/KHUBq5ML1NVeYEOIUiiRsAzzxBY2X9lBAcT+IUGSeSNV1pgYl+Tt9cbI2U=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: c9eb0f02-489e-46c2-2908-08d763e26823
X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Nov 2019 00:27:15.6408 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: QBRtLBkt8q2inEgRSxhOzCpp/fBMp18ZAp9cPwcD+ZKGgfIfpmJ7zg4FvBYkIlrozuS639RFkuj3Y6fAiIVMag==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR11MB2593
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.27, xch-rcd-017.cisco.com
X-Outbound-Node: alln-core-4.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/uLuamFGEVSua4aPcpdDnuA9aSjQ>
Subject: Re: [Curdle] XMSS for SSH
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Nov 2019 00:27:22 -0000
Hi Logan, I would like to propose to add a format for LMS as well https://datatracker.ietf.org/doc/rfc8554/ LMS and XMSS are both stateful HBS schemes that could be used in SSH. So, since you are going through the trouble to add one, I would suggest to add both so they can both be used in the future where it makes sense. . Rgs, Panos -----Original Message----- From: Curdle <curdle-bounces@ietf.org> On Behalf Of Loganaden Velvindron Sent: Tuesday, November 05, 2019 1:25 AM To: curdle <curdle@ietf.org> Subject: [Curdle] XMSS for SSH We put up a quick document for SSH-XMSS. XMSS support in OpenSSH is not compiled by default. However, it appears that a german vendor is using it. https://tools.ietf.org/html/draft-mu-curdle-ssh-xmss-00 We couldn't upload rev01 as we missed the deadline. I used the ed25519 I-D as template for XMSS I-D, and the SSHFP section is fixed as well as other fixes in rev01. Kind regards, //Logan C-x-C-c _______________________________________________ Curdle mailing list Curdle@ietf.org https://www.ietf.org/mailman/listinfo/curdle
- [Curdle] XMSS for SSH Loganaden Velvindron
- Re: [Curdle] XMSS for SSH Panos Kampanakis (pkampana)