[Hash] Charter discussion, round 2
Paul Hoffman <paul.hoffman@vpnc.org> Sun, 26 June 2005 16:16 UTC
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DmZnh-00014A-6s; Sun, 26 Jun 2005 12:16:05 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DmZnf-00013b-EC for hash@megatron.ietf.org; Sun, 26 Jun 2005 12:16:03 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA15928 for <hash@ietf.org>; Sun, 26 Jun 2005 12:16:00 -0400 (EDT)
Received: from above.proper.com ([208.184.76.39]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1DmaCd-00041G-P7 for hash@ietf.org; Sun, 26 Jun 2005 12:41:52 -0400
Received: from [10.20.30.249] (dsl2-63-249-92-231.cruzio.com [63.249.92.231]) (authenticated bits=0) by above.proper.com (8.12.11/8.12.9) with ESMTP id j5QGFu8I019084 for <hash@ietf.org>; Sun, 26 Jun 2005 09:15:57 -0700 (PDT) (envelope-from paul.hoffman@vpnc.org)
Mime-Version: 1.0
Message-Id: <p06230916bee483a83198@[10.20.30.249]>
Date: Sun, 26 Jun 2005 09:15:43 -0700
To: Hash BOF <hash@ietf.org>
From: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: cf3becbbd6d1a45acbe2ffd4ab88bdc2
Cc:
Subject: [Hash] Charter discussion, round 2
X-BeenThere: hash@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: hash.lists.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/hash>, <mailto:hash-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/hash>
List-Post: <mailto:hash@lists.ietf.org>
List-Help: <mailto:hash-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/hash>, <mailto:hash-request@lists.ietf.org?subject=subscribe>
Sender: hash-bounces@lists.ietf.org
Errors-To: hash-bounces@lists.ietf.org
Greetings again. Thank you to everyone who helped with the first round. My take is that people don't see much need to segregate the truncation/salting discussion from the meatier requirements discussion. Also, looking at the mailing list, we are already seeing a reasonable level of subscription from some well-known names in the cryptography community. Given that, I would like to propose a similar-but-different charter that gets us started on the more significant issues earlier. Please comment on the list whether you think the text is or is not reasonable, the goals are or are not achievable, and the timeline is or is not sensible. --Paul Hoffman, Director --VPN Consortium One-way Hash Function BoF (hash) Security Area Director: Sam Hartman <hartmans-ietf@mit.edu> Russ Housley <housley@vigilsec.com> Security Area Advisor: Russ Housley <housley@vigilsec.com> Mailing Lists: General Discussion: hash@ietf.org To Subscribe: https://www1.ietf.org/mailman/listinfo/hash Archive: http://www.ietf.org/mail-archive/web/hash/index.html Description of Proposed Working Group: Recently, a team of researchers reported that the SHA-1 one-way hash function offers significantly less collision resistance than could be expected from a cryptographic hash function with an output of 160 bits. This result has inspired significant research activities in government and academia. Additional information regarding the security of current one-way hash functions, as well as proposals for new one-way hash functions, are expected. The proposed working group responds to the current state of research in this area. However, additional research is likely to provide new insights as the working group progresses. A two-phase approach is envisioned. The second phase will be pursued by revising the charter, only after the first phase is finished and if it is clear that the international cryptographic community is actively participating in the working group. The first phase will consist of two main areas of work: setting requirements for the use of one-way hash functions in IETF protocols, and describing ways to make current hash functions more robust. These two work items can be done in parallel. The working group will consider the suitability of one-way hash functions for use with IETF protocols. These requirements will be published as one or more BCP documents which specify the features and characteristics for standards-track one-way hash functions. The BCP documents will also identify information that must be included in any request for a hash function to be approved on the standards track. The DSA signature algorithm requires a hash function whose output is 160 bits. The working group will consider at least two approaches to strengthen one-way hash functions for use in DSA: 1) Truncate a larger one-way hash function output so that it can be used as a secure replacement of a shorter one-way hash function output. 2) Including a random value in the hash function computation. The random block used is transferred as a field in the algorithm identifier data structure. This approach is sometimes called a "salted" or "randomized" hash function. The working group may also consider other potential solutions, and one or more standards-track mechanism will be selected. The optional second phase will identify one or more standards-track one-way hash functions that fulfill the requirements stated in the BCP documents developed in the first phase. Guidance will also be developed to assist protocol developers in the selection among the standards-track one-way hash functions. Goals and Milestones: August 2005: Charter working group to authorize first phase. September 2005: Submit initial draft of truncation mechanism and/or salting mechanism. November 2005: Submit initial drafts on hash requirements, descriptions, and suitability. February 2006: WG Last Call on truncation mechanism and/or salting mechanism. March 2006: Submit truncation mechanism and/or salting mechanism for IETF standard. August 2006: Begin WG Last Calls on hash requirements, descriptions, and suitability. June 2007: Submit hash requirements, descriptions, and suitability documents for BCP. June 2007: Recharter working group to authorize second phase. _______________________________________________ Hash mailing list Hash@lists.ietf.org https://www1.ietf.org/mailman/listinfo/hash
- [Hash] Charter discussion, round 2 Paul Hoffman