Re: [Dcrup] Review of draft-ietf-dcrup-dkim-crypto-03

Peter Goldstein <peter@valimail.com> Mon, 10 July 2017 03:02 UTC

Return-Path: <peter@valimail.com>
X-Original-To: dcrup@ietfa.amsl.com
Delivered-To: dcrup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FD4613148D for <dcrup@ietfa.amsl.com>; Sun, 9 Jul 2017 20:02:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.019
X-Spam-Level:
X-Spam-Status: No, score=-1.019 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id txEMJ3RW3OvX for <dcrup@ietfa.amsl.com>; Sun, 9 Jul 2017 20:02:35 -0700 (PDT)
Received: from mail-qt0-x233.google.com (mail-qt0-x233.google.com [IPv6:2607:f8b0:400d:c0d::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7DBE913148C for <dcrup@ietf.org>; Sun, 9 Jul 2017 20:02:35 -0700 (PDT)
Received: by mail-qt0-x233.google.com with SMTP id 32so62712464qtv.1 for <dcrup@ietf.org>; Sun, 09 Jul 2017 20:02:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=c+P62gObLvb6y+D7qoYH6A5PzT3Luq4rIufFMM71n2s=; b=HuBiNLWWost9l7YMa5Bh02oNbEN+ygFUO+Xv4zS/kaB6oGm7KQhwfRZUq5tqGCyg8r ElIOxCXilLtniMUzahYWWxvq36Sy07KoHiQS8l2jR9ViaHko1snsyW1ztLzxXR862alY rD9eUJFEUVq57p85v+Bb+2W4LfhL5UG92vsh8sqgA0GzYVR6fffKNuQeZAKfa8vtHzmQ uC+Kv7QqR4DBiiJJkJEtS836hkteah6axettg/4khJTZioHtIqGd9XJfFBYGkjqQyd9f ILjfmdKr7jbbz73qtAVBllcT/HMg8Jkz7JRl8ITF6wHbXM5TVYTiTjQkXp+rmTXV0/FV 5krA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=c+P62gObLvb6y+D7qoYH6A5PzT3Luq4rIufFMM71n2s=; b=oZ7i8tR6cumMahLRBp8PXh7ZW1hbvLr5vy64gmxbv4qqCXSZlCrFvSOgGuvx7hYIei HSLmrjcqK7IE3gplARbFIxEAYpzj3mhL1novpsTtMU+oBR8Q+vo+rC7KeS2keKaLertB 7ZPH+cFaZCukvvHXVhySu2CIBtPdEotKbClKpaXlkVUlNK7tCH1nL+RmzMKb90Abde8/ I2sFrgkvVAwT1Sy95j1083CgQK8wZTAZpdyh9NSvzjt5ScyvfQbKteUHUDbYfcfvgtv3 x7u9/XBWiooaaE4ZRiBANYnG5a2NeopB5azkoB8lzZBTkA/dVVeioYUZnB5iYJPkJCer hVSA==
X-Gm-Message-State: AIVw1134teKu77fhLdyW/d5oHmoL5pU976tCvbexFta7hcDNHRiaMpun Yn2TgA/N+uXnls3FjfrIaEd5SBNYRvyt
X-Received: by 10.237.45.67 with SMTP id h61mr1652739qtd.246.1499655754696; Sun, 09 Jul 2017 20:02:34 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.12.185.157 with HTTP; Sun, 9 Jul 2017 20:02:34 -0700 (PDT)
In-Reply-To: <CABcZeBNnVrgW7J2nr3ds+++Lau4LRxa2EG69vywyBmBu+uzuPw@mail.gmail.com>
References: <CABkgnnW8nnoRGKoJQ4STAcT6CXdWFRCpz0h20hw+ksfw1x0PGg@mail.gmail.com> <6d4b76c9b42848f1b18c42ba22895993@usma1ex-dag1mb1.msg.corp.akamai.com> <CABcZeBM-qh+iW_+Br2URpdjHsLZ_L1xqZWUVirW-8-E7k4cvzg@mail.gmail.com> <564f297f17424f34b4ba1e118ab6f62c@usma1ex-dag1mb1.msg.corp.akamai.com> <D4D564D0-73C6-45CA-9962-33106229DE02@bluepopcorn.net> <220DB06A-E06D-4DAF-ADE6-7536B6E43630@callas.org> <aeee2c9019114d9789a2cd768f0b15e1@usma1ex-dag1mb1.msg.corp.akamai.com> <F16764CE-D4C4-4A48-9779-37BC8C2D1261@bluepopcorn.net> <CADPMZDB03S5ffc3_Ker=h08japc2PGAbch3F=+jRL9ZBjCzs3w@mail.gmail.com> <CABcZeBNnVrgW7J2nr3ds+++Lau4LRxa2EG69vywyBmBu+uzuPw@mail.gmail.com>
From: Peter Goldstein <peter@valimail.com>
Date: Sun, 09 Jul 2017 20:02:34 -0700
Message-ID: <CAOj=BA0W67AGpzRurd8ue8ZhgLesfb6rdnutLy4dVnqwfVSu9A@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: denis bider <denisbider.ietf@gmail.com>, Jim Fenton <fenton@bluepopcorn.net>, "Salz, Rich" <rsalz@akamai.com>, "dcrup@ietf.org" <dcrup@ietf.org>, Martin Thomson <martin.thomson@gmail.com>, Jon Callas <jon@callas.org>
Content-Type: multipart/alternative; boundary="94eb2c124a888b5efc0553edd00b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dcrup/m-qPbEqUXQtpecmhSxp_-6UlwLs>
Subject: Re: [Dcrup] Review of draft-ietf-dcrup-dkim-crypto-03
X-BeenThere: dcrup@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DKIM Crypto Update <dcrup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dcrup>, <mailto:dcrup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dcrup/>
List-Post: <mailto:dcrup@ietf.org>
List-Help: <mailto:dcrup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dcrup>, <mailto:dcrup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Jul 2017 03:02:37 -0000

>
> Moreover, QC isn't the only possible event that could cause us to wish to
> have larger keys. There might be a modest improvement in dlog that would
> make Curve25519 problematic but Curve448 or P-521 comfortable (indeed, this
> is how we got to the point where we wish to have RSA keys > 1024).


>
Support for larger keys isn't the issue at hand.  The issue is the 255
character limit imposed by the DNS crudware.  And I think keys for each of
those curves easily fit under the limit.

Based on my math (with 24 additional bytes allocated for version tag/value
and any other key/value pairs), then we've got (assuming my key sizes are
correct):

Curve448 - 114 bytes (key) + 24 bytes = 138 bytes maximum
P-521 - 212 bytes (key) + 24 bytes = 236 bytes maximum

I don't do much low level crypto these days, so if I'm off on my base 64
public key sizes, please let me know.  But in both cases it looks like
there's room to spare.

As for QC, I think John's point earlier in the thread isn't that QC will
require larger keys - but rather than real QC would require fundamental
reconsideration of DKIM as a whole.

Best,

Peter

-- 


[image: logo for sig file.png]

Bringing Trust to Email

Peter Goldstein | CTO & Co-Founder

peter@valimail.com
+1.415.793.5783