Return-Path: <thomas.r.henderson@boeing.com>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
 with ESMTP id 6439B28C110 for <hipsec@core3.amsl.com>;
 Thu,  9 Dec 2010 08:30:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.359
X-Spam-Level: 
X-Spam-Status: No, score=-106.359 tagged_above=-999 required=5 tests=[AWL=0.240,
 BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
 [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id euWKoOegFje0 for
 <hipsec@core3.amsl.com>; Thu,  9 Dec 2010 08:30:28 -0800 (PST)
Received: from slb-smtpout-01.boeing.com (slb-smtpout-01.boeing.com
 [130.76.64.48]) by core3.amsl.com (Postfix) with ESMTP id 3BCD228C0DC for
 <hipsec@ietf.org>; Thu,  9 Dec 2010 08:30:28 -0800 (PST)
Received: from stl-av-01.boeing.com (stl-av-01.boeing.com [192.76.190.6]) by
 slb-smtpout-01.ns.cs.boeing.com (8.14.4/8.14.4/8.14.4/SMTPOUT) with ESMTP id
 oB9GVm7C028553 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256
 verify=FAIL); Thu, 9 Dec 2010 08:31:49 -0800 (PST)
Received: from stl-av-01.boeing.com (localhost [127.0.0.1]) by
 stl-av-01.boeing.com (8.14.4/8.14.4/DOWNSTREAM_RELAY) with ESMTP id
 oB9GVm66029236; Thu, 9 Dec 2010 10:31:48 -0600 (CST)
Received: from XCH-NWHT-07.nw.nos.boeing.com (xch-nwht-07.nw.nos.boeing.com
 [130.247.25.111]) by stl-av-01.boeing.com (8.14.4/8.14.4/UPSTREAM_RELAY) with
 ESMTP id oB9GVlU8029199 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128
 verify=OK); Thu, 9 Dec 2010 10:31:48 -0600 (CST)
Received: from XCH-NW-10V.nw.nos.boeing.com ([130.247.25.85]) by
 XCH-NWHT-07.nw.nos.boeing.com ([130.247.25.111]) with mapi;
 Thu, 9 Dec 2010 08:31:48 -0800
From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: "'Tobias Heer'" <heer@cs.rwth-aachen.de>,
 "hipsec@ietf.org" <hipsec@ietf.org>
Date: Thu, 9 Dec 2010 08:31:46 -0800
Thread-Topic: [Hipsec] HIT Suites and algorithms used in RFC5201-bis
Thread-Index: AcuXkTP/rO6ZCftQRwStDYMA1OGpOwALJjSg
Message-ID: <7CC566635CFE364D87DC5803D4712A6C4CED25AB29@XCH-NW-10V.nw.nos.boeing.com>
References: <42082FED-C009-4C35-813A-F55165A419BE@cs.rwth-aachen.de>
In-Reply-To: <42082FED-C009-4C35-813A-F55165A419BE@cs.rwth-aachen.de>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [Hipsec] HIT Suites and algorithms used in RFC5201-bis
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group."
 <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>,
 <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>,
 <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Dec 2010 16:30:31 -0000

> -----Original Message-----
> From: hipsec-bounces@ietf.org
> [mailto:hipsec-bounces@ietf.org] On Behalf Of Tobias Heer
> Sent: Thursday, December 09, 2010 2:27 AM
> To: hipsec@ietf.org
> Subject: [Hipsec] HIT Suites and algorithms used in RFC5201-bis
>
> Hello,
>
> we have consolidated the set of algorithms to be used in
> RFC5201 and would like
> to present it to the list and ask for feedback.
>
> We have three HIT Suites.  The HIT Suites define the
> algorithms that are used
> for generating a HIT/Orchid.  It also defines which HMAC
> flavor will be used in
> HIP control packets.
>
>
>      HIT Suite              ID
>      RESERVED                0
>      RSA,DSA/SHA-1           1    (REQUIRED)
>      ECDSA/SHA-384           2    (RECOMMENDED)
>      ECDSA_LOW/SHA-1         3    (RECOMMENDED)
>
> RSA,DSA/SHA-1 represent the class of HITs we have today with
> HIP version 1.  All
> contained Algorithms (RSA and DSA) must be supported by hosts
> that implement
> this suite.
>
> ECDSA/SHA-384 bundles two ECC curves (NIST P-256 and P-384)
> with SHA-384.  Both
> curves must be implemented by hosts that implement HIT this HIT suite.
>
> ECDSA_LOW/SHA-1 is meant for devices with limited computation
> capabilities.  It
> uses the SECP160R curve from SECG.
>
> If we want to make a bold move towards ECC cryptography (and
> make packet
> fragmentation, etc.  less likely) we could change the
> REQUIRED and RECOMMENDED
> tags so that we REQUIRE the ECDSA/SHA-384 HIT SUITE and make
> the other two
> recommended.  Any comments on this?

Has anyone checked into the availability of these suites in cryptographic l=
ibraries and hardware?

Can you clarify what you believe are the implications that you hint at ("pa=
cket fragmentation, etc.")?

>
>
> The ECDH groups look similar:
>
>  Group                Value
>  Reserved             0
>  DEPRECATED           1
>  DEPRECATED           2
>  1536-bit MODP group  3 [RFC3526]
>  3072-bit MODP group  4 [RFC3526]
>  DEPRECATED           5
>  DEPRECATED           6
>  NIST P-256           7 [RFC4753]
>  NIST P-384           8 [RFC4753]
>  NIST P-521           9 [RFC4753]
>  SECP160R1           10 [SECG]
>
> Groups 7 to 10 are new in RFC5201-bis.  Again, group 10 is
> meant for devices
> with low computation capabilities and should be used only if long-term
> confidentiality is not required.
>
> The DEPRECATED values are groups present in RFC5201 but have
> been removed in
> RFC5201-bis.  They have to be removed before we finish the document.
>
> Are there any comments regarding the selection of algorithms?
>  With the selected
> ECC curves, we tried to stay as close to other Internet
> standards IKE, TLS that
> use ECC already.
>

I don't have other comments and agree with trying to stay close to the pred=
ecessors.

- Tom