IETF Logo Mail Archive

Re: [Hipsec] Eric Rescorla's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)

Eric Rescorla <ekr@rtfm.com> Tue, 08 January 2019 23:45 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E08A131205 for <hipsec@ietfa.amsl.com>; Tue, 8 Jan 2019 15:45:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d5y406VuXXkN for <hipsec@ietfa.amsl.com>; Tue, 8 Jan 2019 15:45:19 -0800 (PST)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52423131207 for <hipsec@ietf.org>; Tue, 8 Jan 2019 15:45:19 -0800 (PST)
Received: by mail-lj1-x22e.google.com with SMTP id v15-v6so4900716ljh.13 for <hipsec@ietf.org>; Tue, 08 Jan 2019 15:45:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kz2Xcu962mZug0mUOQIXgAFlOGBffJ+5/3jnI1yHWVs=; b=rQ6wFKo00TkFSJ0Qyw4+NfIq3+e4yxwF2xQi/O1ftiL5c27m/swk8B2Fj+52brwaIa QzPki1xRECJ5ldvZXfCcrUGeoEjkaV/vS4mMKtoraOZcYeSpGS8HbLy0uW3oQBIeeHaj LZWRHsQaZ9YmKQAxpPL56n2sVqjwKFIQOXID18kXR/SbmEOlGBoVzJ1D6BEQizNfFaHl tpeaeQ8ye5bZSvWnm8gX82Bc2HcggecJNpi6M1ZB+deFKRZCmbXm0HNwl4JQrQXodXHA +kJoJJ0oPh2Zgqh7O8B7NTJ22+P1ybXq7Ct9zBMVu8jiJXB7deJhdeskZGyKOmFky0pc Y7WA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kz2Xcu962mZug0mUOQIXgAFlOGBffJ+5/3jnI1yHWVs=; b=VhQsWeYRDgSWkrFO9Xeq4S9u97Cz0ezwuZ9CwgajWLvNErf20omhzf7ldxd2w/bMjI JLciooE3FFkYArEVwX1NA2xgTdXiosVW+ic+3Pl8EIPOaU7fmOklqW8cfxLoSME0cS6I GYnsM3Xw+PARuIxHcr1Ga0lQlJZz6bzrMDE7HRgcrl1+hmyg1iLXPpVM0Jrn9dyOmBsY EaFg6M+zNFWlK+ZsY+0fz+XlFWRvuWpJcK8I1Iz/ypKW7/k5H/M49NxCgBi+EQRVEIND FlP1F/56dKIraFfNGty9NO4u/K74PP/r7iJmJUH/hfQY81pH8bF0EDOEBcK263itXlC5 sYhA==
X-Gm-Message-State: AJcUukfhkksHmnKrsrOTxRMtrTWimVKaS9qapSV0fbGGhpgz1Atfgwxo SCzPOY1kR0uB8WLVw27Lnt/WVdluemFI/CDp2fZI2g==
X-Google-Smtp-Source: ALg8bN4Ernv+I15qFQgDU/+3t1WZIoubVn+2+k0+OBHGU2+oNyyqMhtNgh+V5qLAninRCKs3Wzow/2aR9bjNzNAZN9I=
X-Received: by 2002:a2e:5418:: with SMTP id i24-v6mr2350651ljb.51.1546991117485; Tue, 08 Jan 2019 15:45:17 -0800 (PST)
MIME-Version: 1.0
References: <152564286489.26793.2457846656783140871.idtracker@ietfa.amsl.com> <70e4c94f-0097-0b13-140c-db0a5732ab67@kapsi.fi> <CABcZeBPUvZW0qa5X+SGzAaDgJhArw5Q3NSnSj6cYhBce4cnzqw@mail.gmail.com> <f02e449f-75af-1329-c94c-f53bd2b4bd08@tomh.org> <CABcZeBPKCOq7hO85CRAd3XRiH4v=G7ohG7p8X5GDeENX9+8B8g@mail.gmail.com> <e3c01281-aa06-e949-723e-882899c91011@tomh.org>
In-Reply-To: <e3c01281-aa06-e949-723e-882899c91011@tomh.org>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 08 Jan 2019 15:44:37 -0800
Message-ID: <CABcZeBP=rn2LAqWpXr_YKeaXb8DrV_Tkx=78-PXQGNhcZd-DuA@mail.gmail.com>
To: Tom Henderson <tomh@tomh.org>
Cc: mkomu@kapsi.fi, draft-ietf-hip-rfc4423-bis@ietf.org, hipsec@ietf.org, hip-chairs@ietf.org, IESG <iesg@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000076577057efaf086"
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/tEHnnwdBwqgDA9dvw-3Ox2mThp8>
Subject: Re: [Hipsec] Eric Rescorla's No Objection on draft-ietf-hip-rfc4423-bis-19: (with COMMENT)
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jan 2019 23:45:23 -0000

On Tue, Jan 8, 2019 at 9:50 AM Tom Henderson <tomh@tomh.org> wrote:

> On 1/8/19 5:57 AM, Eric Rescorla wrote:
>
> >     The second preimage attack resistance is 96 bits, plus whatever work
> >     is needed to generate the keys.
> >
> > I agree that this is in RFC 7343, but it doesn't seem to be stated
> > anywhere in this document, and  given that this text talks about both 64
> > bit and >= 100 bit hash functions, I'm not sure how to get it from this
> > text, which is in context quite confusing/
>
> I agree that the text could be clarified; I will try to suggest
> something more.
>
> >
> >     There isn't any mechanism defined to extend this, such as the CGA
> >     Hash Extension, but it seems to me that HIP could be extended in a
> >     similar way.  My recollection is that the WG had thought 96 bits to
> >     be strong enough preimage resistance.
> >
> > Generally, we are targeting the 128-bit security level for new
> deployments
> >
>
> Can you provide a reference for the 128-bit recommendation?
>

I don't believe there is a policy, but for instance, see:
https://tools.ietf.org/html/rfc7525#section-4.1



> Also, how are legacy uses like SEND/CGA handling this new target (or are
> they just considered legacy at this point)?
>

As far as I understand it, they are legacy.

-Ekr


> - Tom
>

v2.23.0 | Report a Bug | By Email