Re: [Emu] I-D Action: draft-ietf-emu-aka-pfs-04.txt
Russ Housley <housley@vigilsec.com> Wed, 24 June 2020 20:04 UTC
From: Russ Housley <housley@vigilsec.com>
To: Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org>
Cc: "emu@ietf.org" <emu@ietf.org>
Date: Wed, 24 Jun 2020 16:04:39 -0400
In-Reply-To: <ca54cb5a-b4e9-6649-04bd-08955e93cb1d@ericsson.com>
Message-Id: <9AB51563-756E-4C9E-8C1B-42302AAF7769@vigilsec.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/hu0QQtz0ypr4nUFb5jLqrQHHb1o>
The ECDH public value in RFC 5480 is an OCTET STRING, which means that the value is exactly 32 bytes. When this gets carried as a subject public key in a certificate, there is an extra byte only because the type is a BIT STRING.

My conclusion is that the current draft is correct:

   * For P-256, the length of this value is 32 bytes, encoded in binary as specified in [FIPS186-4].

Russ

> On Jun 24, 2020, at 1:10 AM, Mohit Sethi M <mohit.m.sethi=40ericsson.com@dmarc.ietf.org> wrote:
> 
> Hi all,
> 
> I am not a crypto expert and my knowledge of public key encodings is
> based on my work with Rene Struik for a different draft.
> 
> The current text in draft-ietf-emu-aka-pfs-04 says "For P-256, the
> length of this value is 32 bytes, encoded in binary". Shouldn't this be
> 33 bytes? And wouldn't it make sense to explicitly say that this is an
> octet string in the compressed format while referencing "SEC 1: Elliptic
> Curve Cryptography, Version 2.0" for the point to octet string
> conversion rules?
> 
> --Mohit
> 
> On 5/26/20 9:57 AM, internet-drafts@ietf.org wrote:
>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>> This draft is a work item of the EAP Method Update WG of the IETF.
>> 
>> Title : Perfect-Forward Secrecy for the Extensible Authentication Protocol Method for Authentication and Key Agreement (EAP-AKA' PFS)
>> Authors : Jari Arkko
>>           Karl Norrman
>>           Vesa Torvinen
>> Filename : draft-ietf-emu-aka-pfs-04.txt
>> Pages : 26
>> Date : 2020-05-25
>> 
>> Abstract:
>> Many different attacks have been reported as part of revelations
>> associated with pervasive surveillance. Some of the reported attacks
>> involved compromising smart cards, such as attacking SIM card
>> manufacturers and operators in an effort to compromise shared secrets
>> stored on these cards. Since the publication of those reports,
>> manufacturing and provisioning processes have gained much scrutiny
>> and have improved. However, the danger of resourceful attackers for
>> these systems is still a concern.
>> 
>> This specification is an optional extension to the EAP-AKA'
>> authentication method which was defined in [I-D.ietf-emu-rfc5448bis].
>> The extension, when negotiated, provides Perfect Forward Secrecy for
>> the session key generated as a part of the authentication run in EAP-
>> AKA'. This prevents an attacker who has gained access to the long-
>> term pre-shared secret in a SIM card from being able to decrypt any
>> past communications. In addition, if the attacker stays merely a
>> passive eavesdropper, the extension prevents attacks against future
>> sessions. This forces attackers to use active attacks instead.
>> 
>> 
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-emu-aka-pfs/
>> 
>> There are also htmlized versions available at:
>> https://tools.ietf.org/html/draft-ietf-emu-aka-pfs-04
>> https://datatracker.ietf.org/doc/html/draft-ietf-emu-aka-pfs-04
>> 
>> A diff from the previous version is available at:
>> https://www.ietf.org/rfcdiff?url2=draft-ietf-emu-aka-pfs-04
>> 
>> 
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>> 
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>> 
>> 
>> _______________________________________________
>> Emu mailing list
>> Emu@ietf.org
>> https://www.ietf.org/mailman/listinfo/emu
> _______________________________________________
> Emu mailing list
> Emu@ietf.org
> https://www.ietf.org/mailman/listinfo/emu
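The exchange above turns on three different lengths: the 32-octet field element, the 33-octet SEC 1 compressed point (prefix byte plus x), and the extra leading byte that a DER BIT STRING adds when the point is carried as subjectPublicKey in an RFC 5480 SubjectPublicKeyInfo. The following is an added, self-contained Python example written for this archive page; it is not code from the thread, from the draft, or from any of its authors. It implements the SEC 1 section 2.3.3/2.3.4 point-to-octet-string and octet-string-to-point rules for P-256 from the published NIST domain parameters, with the on-curve validation a decoder must perform, and wraps the result in a DER BIT STRING so the byte counts can be compared directly. The function names are this example's own.

```python
# Added example (not from the thread or the draft): SEC 1 point <-> octet
# string conversion for P-256, written from scratch so it runs with no
# third-party library. The constants are the published NIST P-256 domain
# parameters; every function name here is this example's own.

P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_A = P256_P - 3
P256_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
P256_GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
P256_GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
FIELD_LEN = 32  # octets for one P-256 field element: ceil(256 / 8)


def on_curve(x, y):
    """True if (x, y) satisfies y^2 = x^3 + a*x + b over GF(p)."""
    if not (0 <= x < P256_P and 0 <= y < P256_P):
        return False
    return (y * y - (x * x * x + P256_A * x + P256_B)) % P256_P == 0


def point_to_octets(x, y, compressed=True):
    """SEC 1 section 2.3.3: affine point -> octet string.

    Compressed form is 1 + 32 = 33 octets (prefix 0x02/0x03 by parity of y);
    uncompressed form is 1 + 32 + 32 = 65 octets (prefix 0x04).
    """
    if not on_curve(x, y):
        raise ValueError("point is not on P-256")
    xb = x.to_bytes(FIELD_LEN, "big")
    if compressed:
        return bytes([0x02 | (y & 1)]) + xb
    return b"\x04" + xb + y.to_bytes(FIELD_LEN, "big")


def octets_to_point(octets):
    """SEC 1 section 2.3.4: octet string -> affine point, with validation.

    Rejects anything that is not a well-formed encoding of a point on the
    curve. A decoder that skips the on-curve check accepts invalid-curve
    inputs, so the check is part of the format, not an optimisation.
    """
    if len(octets) == 1 + FIELD_LEN and octets[0] in (0x02, 0x03):
        x = int.from_bytes(octets[1:], "big")
        if x >= P256_P:
            raise ValueError("x coordinate out of range")
        rhs = (x * x * x + P256_A * x + P256_B) % P256_P
        # p = 3 (mod 4), so a square root of rhs is rhs^((p+1)/4) mod p
        y = pow(rhs, (P256_P + 1) // 4, P256_P)
        if (y * y) % P256_P != rhs:
            raise ValueError("x coordinate has no point on the curve")
        if y == 0 and octets[0] == 0x03:
            raise ValueError("y = 0 has no odd representative")
        if (y & 1) != (octets[0] & 1):
            y = P256_P - y
        return x, y
    if len(octets) == 1 + 2 * FIELD_LEN and octets[0] == 0x04:
        x = int.from_bytes(octets[1:1 + FIELD_LEN], "big")
        y = int.from_bytes(octets[1 + FIELD_LEN:], "big")
        if not on_curve(x, y):
            raise ValueError("point is not on P-256")
        return x, y
    raise ValueError("not a SEC 1 P-256 point encoding (%d octets)" % len(octets))


def der_bit_string(octets):
    """DER BIT STRING wrapping, as used for subjectPublicKey in RFC 5480.

    The one extra byte is the 'unused bits' count (always 0 here); it comes
    from the BIT STRING type and is not part of the point encoding itself.
    Short-form length only, which covers both P-256 encodings.
    """
    assert len(octets) + 1 < 0x80
    return bytes([0x03, len(octets) + 1, 0x00]) + octets


if __name__ == "__main__":
    comp = point_to_octets(P256_GX, P256_GY)
    uncomp = point_to_octets(P256_GX, P256_GY, compressed=False)
    print("field element:      ", FIELD_LEN, "octets")
    print("compressed point:   ", len(comp), "octets, prefix 0x%02x" % comp[0])
    print("uncompressed point: ", len(uncomp), "octets")
    print("as SPKI BIT STRING: ", len(der_bit_string(comp)), "octets")
    assert octets_to_point(comp) == (P256_GX, P256_GY)
    assert octets_to_point(uncomp) == (P256_GX, P256_GY)
```

Running the block on the P-256 base point prints 32, 33, 65 and 36 octets respectively; a bare 32-octet x coordinate is rejected by `octets_to_point` because, without the prefix byte, the decoder cannot tell which of the two candidate y values was meant. Note that the on-curve check in the uncompressed branch is not optional: it is the standard mitigation for invalid-curve inputs in any ECDH implementation.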