Re: [Hipsec] HIT Suites and algorithms used in RFC5201-bis
Tobias Heer <heer@cs.rwth-aachen.de> Thu, 09 December 2010 18:58 UTC
Return-Path: <heer@informatik.rwth-aachen.de>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E02C928C13B for <hipsec@core3.amsl.com>; Thu, 9 Dec 2010 10:58:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.801
X-Spam-Level:
X-Spam-Status: No, score=-4.801 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mW8xA484yBAq for <hipsec@core3.amsl.com>; Thu, 9 Dec 2010 10:58:47 -0800 (PST)
Received: from mta-2.ms.rz.rwth-aachen.de (mta-2.ms.rz.RWTH-Aachen.DE [134.130.7.73]) by core3.amsl.com (Postfix) with ESMTP id 79E6728C13E for <hipsec@ietf.org>; Thu, 9 Dec 2010 10:58:47 -0800 (PST)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: text/plain; charset="us-ascii"
Received: from ironport-out-2.rz.rwth-aachen.de ([134.130.5.41]) by mta-2.ms.rz.RWTH-Aachen.de (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008)) with ESMTP id <0LD600CM5CSH2620@mta-2.ms.rz.RWTH-Aachen.de> for hipsec@ietf.org; Thu, 09 Dec 2010 20:00:17 +0100 (CET)
X-IronPort-AV: E=Sophos;i="4.59,321,1288566000"; d="scan'208";a="44992992"
Received: from relay-auth-1.ms.rz.rwth-aachen.de (HELO relay-auth-1) ([134.130.7.78]) by ironport-in-2.rz.rwth-aachen.de with ESMTP; Thu, 09 Dec 2010 20:00:17 +0100
Received: from [192.168.3.3] ([unknown] [91.179.148.52]) by relay-auth-1.ms.rz.rwth-aachen.de (Sun Java(tm) System Messaging Server 7.0-3.01 64bit (built Dec 9 2008)) with ESMTPA id <0LD6003E1CSGOA20@relay-auth-1.ms.rz.rwth-aachen.de> for hipsec@ietf.org; Thu, 09 Dec 2010 20:00:16 +0100 (CET)
From: Tobias Heer <heer@cs.rwth-aachen.de>
In-reply-to: <7CC566635CFE364D87DC5803D4712A6C4CED25AB29@XCH-NW-10V.nw.nos.boeing.com>
Date: Thu, 09 Dec 2010 20:00:16 +0100
Message-id: <448BB3A0-BC99-4DE7-B4A5-A0269B80F294@cs.rwth-aachen.de>
References: <42082FED-C009-4C35-813A-F55165A419BE@cs.rwth-aachen.de> <7CC566635CFE364D87DC5803D4712A6C4CED25AB29@XCH-NW-10V.nw.nos.boeing.com>
To: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
X-Mailer: Apple Mail (2.1082)
Cc: hipsec@ietf.org
Subject: Re: [Hipsec] HIT Suites and algorithms used in RFC5201-bis
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Dec 2010 18:58:49 -0000
Hello Tom, Am 09.12.2010 um 17:31 schrieb Henderson, Thomas R: > > >> -----Original Message----- >> From: hipsec-bounces@ietf.org >> [mailto:hipsec-bounces@ietf.org] On Behalf Of Tobias Heer >> Sent: Thursday, December 09, 2010 2:27 AM >> To: hipsec@ietf.org >> Subject: [Hipsec] HIT Suites and algorithms used in RFC5201-bis >> >> Hello, >> [...] >> >> >> ECDSA/SHA-384 bundles two ECC curves (NIST P-256 and P-384) >> with SHA-384. Both >> curves must be implemented by hosts that implement HIT this HIT suite. >> >> ECDSA_LOW/SHA-1 is meant for devices with limited computation >> capabilities. It >> uses the SECP160R curve from SECG. >> >> If we want to make a bold move towards ECC cryptography (and >> make packet >> fragmentation, etc. less likely) we could change the >> REQUIRED and RECOMMENDED >> tags so that we REQUIRE the ECDSA/SHA-384 HIT SUITE and make >> the other two >> recommended. Any comments on this? > > Has anyone checked into the availability of these suites in cryptographic libraries and hardware? > I have checked that these are available in the widely used openssl library. They all are. > Can you clarify what you believe are the implications that you hint at ("packet fragmentation, etc.")? Large RSA/DSA Keys, large RSA signatures and certificates may add up to a considerable amount of data in HIP control packets. Reducing the size of the keys (compared to RSA/DSA) and the size of the signatures (compared to RSA) may reduce the probability of packet fragmentation for HIP control packets - that was my train of thought. Sorry for not making it more obvious. Tobias > >> >> >> The ECDH groups look similar: >> >> Group Value >> Reserved 0 >> DEPRECATED 1 >> DEPRECATED 2 >> 1536-bit MODP group 3 [RFC3526] >> 3072-bit MODP group 4 [RFC3526] >> DEPRECATED 5 >> DEPRECATED 6 >> NIST P-256 7 [RFC4753] >> NIST P-384 8 [RFC4753] >> NIST P-521 9 [RFC4753] >> SECP160R1 10 [SECG] >> >> Groups 7 to 10 are new in RFC5201-bis. Again, group 10 is >> meant for devices >> with low computation capabilities and should be used only if long-term >> confidentiality is not required. >> >> The DEPRECATED values are groups present in RFC5201 but have >> been removed in >> RFC5201-bis. They have to be removed before we finish the document. >> >> Are there any comments regarding the selection of algorithms? >> With the selected >> ECC curves, we tried to stay as close to other Internet >> standards IKE, TLS that >> use ECC already. >> > > I don't have other comments and agree with trying to stay close to the predecessors. > > - Tom -- Dipl.-Inform. Tobias Heer, Ph.D. Student Chair of Communication and Distributed Systems - comsys RWTH Aachen University, Germany tel: +49 241 80 207 76 web: http://ds.cs.rwth-aachen.de/members/heer blog: http://dtobi.wordpress.com/ card: http://card.ly/dtobi
- [Hipsec] HIT Suites and algorithms used in RFC520… Tobias Heer
- Re: [Hipsec] HIT Suites and algorithms used in RF… Miika Komu
- Re: [Hipsec] HIT Suites and algorithms used in RF… Henrik Ziegeldorf
- Re: [Hipsec] HIT Suites and algorithms used in RF… Henderson, Thomas R
- Re: [Hipsec] HIT Suites and algorithms used in RF… Tobias Heer
- Re: [Hipsec] HIT Suites and algorithms used in RF… Tobias Heer
- Re: [Hipsec] HIT Suites and algorithms used in RF… René Hummen