IETF Logo Mail Archive

[Gen-art] Gen-ART Telechat Review of draft-ietf-csi-hash-threat-09

"McCann Peter-A001034" <pete.mccann@motorola.com> Tue, 09 March 2010 22:32 UTC

Return-Path: <pete.mccann@motorola.com>
X-Original-To: gen-art@core3.amsl.com
Delivered-To: gen-art@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 43CC03A69DC for <gen-art@core3.amsl.com>; Tue, 9 Mar 2010 14:32:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qvpqSvhVALK4 for <gen-art@core3.amsl.com>; Tue, 9 Mar 2010 14:32:44 -0800 (PST)
Received: from mail128.messagelabs.com (mail128.messagelabs.com [216.82.250.131]) by core3.amsl.com (Postfix) with ESMTP id 4A3C53A6AA3 for <gen-art@ietf.org>; Tue, 9 Mar 2010 14:32:40 -0800 (PST)
X-VirusChecked: Checked
X-Env-Sender: pete.mccann@motorola.com
X-Msg-Ref: server-2.tower-128.messagelabs.com!1268173959!11146945!1
X-StarScan-Version: 6.2.4; banners=-,-,-
X-Originating-IP: [129.188.136.8]
Received: (qmail 28698 invoked from network); 9 Mar 2010 22:32:39 -0000
Received: from motgate8.mot.com (HELO motgate8.mot.com) (129.188.136.8) by server-2.tower-128.messagelabs.com with DHE-RSA-AES256-SHA encrypted SMTP; 9 Mar 2010 22:32:39 -0000
Received: from il06exr04.mot.com (il06exr04.mot.com [129.188.137.134]) by motgate8.mot.com (8.14.3/8.14.3) with ESMTP id o29MWccp008222 for <gen-art@ietf.org>; Tue, 9 Mar 2010 15:32:38 -0700 (MST)
Received: from il06vts01.mot.com (il06vts01.mot.com [129.188.137.141]) by il06exr04.mot.com (8.13.1/Vontu) with SMTP id o29MWc5o018698 for <gen-art@ietf.org>; Tue, 9 Mar 2010 16:32:38 -0600 (CST)
Received: from de01exm70.ds.mot.com (de01exm70.am.mot.com [10.176.8.26]) by il06exr04.mot.com (8.13.1/8.13.0) with ESMTP id o29MWc6E018695 for <gen-art@ietf.org>; Tue, 9 Mar 2010 16:32:38 -0600 (CST)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 09 Mar 2010 17:32:18 -0500
Message-ID: <274D46DDEB9F2244B2F1EA66B3FF54BC0657FA78@de01exm70.ds.mot.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Gen-ART Telechat Review of draft-ietf-csi-hash-threat-09
thread-index: Acq/2GBvPeNYVZYFQ8yzMrKqpLjm3Q==
From: McCann Peter-A001034 <pete.mccann@motorola.com>
To: gen-art@ietf.org, draft-ietf-csi-hash-threat.all@tools.ietf.org
X-CFilter-Loop: Reflected
Subject: [Gen-art] Gen-ART Telechat Review of draft-ietf-csi-hash-threat-09
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Mar 2010 22:32:45 -0000

I have been selected as the General Area Review Team (Gen-ART) reviewer
for this draft (for background on Gen-ART, please see
http://www.alvestrand.no/ietf/gen/art/gen-art-FAQ.html).

Please wait for direction from your document shepherd or AD before
posting a new version of the draft.

Document: draft-ietf-csi-hash-threat-09
Reviewer: Pete McCann
Review Date: 09 March 2010
IESG Telechat date: 11 March 2010

Summary:  A couple of minor issues, 
          and numerous editorial fixes are needed before publication.

Major issues:  None.

Minor issues:

Introduction:
   There is a great variaty of hash functions, but only MD5 and SHA-1
   are in the wide use, which is also the case for SEND
This sentence makes a statement about MD5 and SHA-1 being the only
widely
used hash functions, but I can't figure out what it is saying about
SEND.
Is it saying that SEND is widely used?  Or did you mean to say that SEND
implementations typically only implement MD5 and SHA-1?

Section 3:
   Supposing that the hash function
   produces an n-bit long output, since each output is equally likely,
   an attack takes an order of 2^n operations to be successful.
SHOULD SAY: "on the order of".  But this sentence is just plain
incorrect (see below).
  Due to
   the birthday attack, if the hash function is supplied with a random
   input, it returns one of the k equally-likely values, and the number
   of operations can be reduced to the number of 1.2*2^(n/2) operations.
There is no "birthday attack."  And I think you meant 2^n instead of k.
The result you give is due to an equation that is commonly illustrated
with
a problem known as the "birthday paradox."

Nits/editorial comments:

Abstract:
   possible threats
   and the impact of recent
SHOULD BE:
   possible threats,
   and the impact of recent

   Current SEND specification
SHOULD BE:
   The current SEND specification

   support for the hash algorithm agility
SHOULD BE:
   support for hash algorithm agility

   The purpose of the document
SHOULD BE:
   The purpose of this document

   encode the hash agility
SHOULD BE:
   encode hash agility

Introduction:
   Key Hash field and
SHOULD BE:
   Key Hash field, and

   variaty
SHOULD BE:
   variety

   in the wide use
SHOULD BE:
   in wide use

   which has been well known for its weaknesses.
SHOULD BE:
   which has well known weaknesses.

   First
   hash attacks affected the compression function of MD5
SHOULD BE:
   Early
   hash attacks affected the compression function of MD5

   significantlly
SHOULD BE:
   a significantly

   on the way how
SHOULD BE:
   on the way in which

   underlaying
SHOULD BE:
   underlying
(repeated twice)

   way of use
SHOULD BE:
   use

   keep the protocol
   immune,
SHOULD BE:
   keep the protocol
   secure,

   matter of the hash
SHOULD BE:
   matter the hash

   with shared secrets, fingerprints,
SHOULD BE:
   with shared secrets, and fingerprints,

   The rest of the
   section
SHOULD BE:
   The rest of this
   section

   on SEND by the cases of use.
SHOULD BE:
   on SEND by each use case.

   the hash agility
SHOULD BE:
   hash agility

Section 3.1:
   the CGA hash agility
SHOULD BE:
   CGA hash agility

Section 3.2:
   allowe
SHOULD BE:
   allow

   biggest concer are
SHOULD BE:
   the biggest concerns are

   (if the IP prefix range
   used),
SHOULD BE:
   (if the IP prefix range were
   used);

   although, not broader than the prefix range
SHOULD BE:
   although, it could not be broader than the prefix range

   to the
   such human-readble data such 
SHOULD BE:
   to
   such human-readble data

   attack improve
SHOULD BE:
   attack improves

Section 3.3:
   ND message and other fields, e.g. the Message
   Type Tag and ND options,
SHOULD BE:
   ND message, and other fields (e.g. the Message
   Type Tag and ND options),

   field the example of the non-repudiation digital singature,
SHOULD BE:
   field is an example of a digital singature that needs
non-repudiation,

   more then
SHOULD BE:
   more than

   but in real-world situation is to achieve it.
SHOULD BE:
   but in a real-world situation it would be difficult to achieve it.

Section 3.4:
   provides the integrity
SHOULD BE:
   provides integrity

4. Support for the hash agility in SEND
SHOULD BE:
4. Support for hash agility in SEND

   Previous section showed
SHOULD BE:
   The previous section showed

   SEND context prevents those attacks of
   almost any use
SHOULD BE:
   The SEND context prevents these attacks from
   being of almost any use

   for the future
SHOULD BE:
   for future

   suggest the support for the hash and algorithm
   agility in SEND.
SHOULD BE:
   suggest support for hash and algorithm
   agility be added to SEND.

   secure would
SHOULD BE:
   secure method would

   then defining
SHOULD BE:
   than defining

   Possible solution is also the hybrid
SHOULD BE:
   Another possible solution is a hybrid

   One of possible solutions is the negotiation
      approach for the SEND hash agility
SHOULD BE:
   One possible solution is the negotiation
      approach for SEND hash agility

Section 6:
   offeres
SHOULD BE:
   offers

   providing solution for the hash
SHOULD BE:
   providing a solution for hash

   for the hash agility
SHOULD BE:
   for hash agility

v2.23.0 | Report a Bug | By Email