Re: [Hash] Charter discussion, round 1
Paul Hoffman <paul.hoffman@vpnc.org> Tue, 28 June 2005 16:21 UTC
Date: Tue, 28 Jun 2005 09:20:37 -0700
To: Ben Laurie <ben@algroup.co.uk>
From: Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [Hash] Charter discussion, round 1

At 4:54 PM +0100 6/28/05, Ben Laurie wrote:
>I've managed to avoid IKE (so far)

Probably wise, or at least sanity-saving.

> but PGP doesn't have parameters for crypto functions.

Ah. I now see that. There are parameters, but they're baked into the packet format.

>>>, and secondly, why constrain it in this way? A protocol could
>>>easily transfer the random value somewhere other than in the
>>>algorithm identification.
>>
>>You may be right, but I'm not convinced about "easily".
>
>I'm pretty sure it's easy. What isn't so easy is changing all the
>applications to understand the modified protocol.

Of course.

>>Do you have different wording that would help, for example, TLS use
>>these kinds of functions if we define them?
>
>'Including a random value in the hash function computation. The
>random block used is transferred at appropriate points in the
>protocol (ideally once for each use of the hash function). This
>approach is sometimes called a "salted" or "randomized" hash
>function.'

I prefer "value" to "block" in the second sentence, but the rest seems fine to me. Do others have an opinion on this wording?

>And now I'm thinking harder about this, we also should say that care
>needs to be taken that the right party chooses the random value (or
>it may be that both (all?) parties should choose it in some cases) -
>since allowing the attacker to choose it would be bad.

The whole purpose here is to allow the signing party to add randomness to the message they are signing. If the attacker is signing, don't they already have all the control they need for the collision attacks?

--Paul Hoffman, Director
--VPN Consortium
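
The proposed wording, as an added example that is not part of the original message: the signing party picks a fresh random value per use, mixes it into the hash, and transfers it with the result so the verifier can recompute the digest. The prefix-salt construction, the 16-byte salt size, the wire layout and the function names are assumptions for illustration, and HMAC stands in for a real signature primitive.

```python
import hashlib
import hmac
import os

SALT_LEN = 16   # assumed salt size; the thread does not fix one
TAG_LEN = 32    # HMAC-SHA-256 output length


def salted_digest(salt: bytes, message: bytes) -> bytes:
    """SHA-256 over len(salt) || salt || message (simple prefix salting)."""
    # The length prefix keeps the salt/message boundary unambiguous.
    return hashlib.sha256(bytes([len(salt)]) + salt + message).digest()


def sign(key: bytes, message: bytes) -> bytes:
    """Signer chooses the salt, once per use, and sends it with the tag."""
    salt = os.urandom(SALT_LEN)
    # HMAC is a stand-in for a signature over the salted digest.
    tag = hmac.new(key, salted_digest(salt, message), hashlib.sha256).digest()
    return bytes([SALT_LEN]) + salt + tag   # wire form: len || salt || tag


def verify(key: bytes, message: bytes, blob: bytes) -> bool:
    """Recompute the digest with the transmitted salt; reject malformed input."""
    if len(blob) != 1 + SALT_LEN + TAG_LEN or blob[0] != SALT_LEN:
        return False
    salt, tag = blob[1:1 + SALT_LEN], blob[1 + SALT_LEN:]
    expected = hmac.new(key, salted_digest(salt, message), hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    key = b"constructed demo key"          # constructed sample values
    msg = b"constructed demo message"
    first, second = sign(key, msg), sign(key, msg)
    # Same message, two uses: both verify, but salt and tag differ each time.
    print(verify(key, msg, first), verify(key, msg, second), first != second)
```

Because the salt is covered by the tag, a salt substituted in transit makes verification fail, which is the property that keeps the choice of random value with the signing party.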