Re: [hybi] "fresh" and "uniformly at random":

Denis Lagno <dilmah@chromium.org> Mon, 20 June 2011 07:34 UTC

To: Adam Barth <ietf@adambarth.com>
Cc: hybi@ietf.org

Oh, well, so you'd better avoid the phrase "not used previously" in the
first place.  It was highly misleading.

On Mon, Jun 20, 2011 at 11:31 AM, Adam Barth <ietf@adambarth.com> wrote:
> You can sensibly apply the term fresh to 1-bit values if you like.
> The important aspect is independence from your previous choices.
>
> Adam
>
>
> On Mon, Jun 20, 2011 at 12:26 AM, Denis Lagno <dilmah@chromium.org> wrote:
>> Maybe I'm missing something, but in the text "fresh" is applied to 32-bit values.
>>
>> On Mon, Jun 20, 2011 at 6:57 AM, Adam Barth <ietf@adambarth.com> wrote:
>>> On Sat, Jun 18, 2011 at 12:34 AM, Denis Lagno <dilmah@chromium.org> wrote:
>>>> On Sat, Jun 18, 2011 at 10:27 AM, Adam Barth <ietf@adambarth.com> wrote:
>>>>> The term "fresh" is a term of art in cryptography.  It means, roughly,
>>>>> "not used previously."
>>>>
>>>> So this implies that the client must keep track of already used keys? It
>>>> imposes a limit on the length of a connection?
>>>> True or false, it should be explicitly clarified in the text.
>>>
>>> The normal practice in cryptography is to just use large enough values
>>> such that the probability of collision is sufficiently small as to be
>>> acceptable.  For example, if you use a 20 byte nonce, the probability of
>>> collision is zero for all practical purposes.
>>>
>>> This stuff is all extremely normal.
>>>
>>> Adam
>>>
>>
>
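
The collision estimate discussed in this thread, worked through as an added example that is not part of any of the original messages: a birthday-bound calculation comparing the 32-bit values mentioned above with a 20-byte (160-bit) nonce. It assumes independent, uniformly random draws; the function names are illustrative.

```python
import math


def collision_probability(bits: int, draws: int) -> float:
    """Approximate P(at least one repeated value) among `draws` independent,
    uniformly random `bits`-bit values: 1 - exp(-n(n-1) / 2N), N = 2**bits."""
    if draws < 2:
        return 0.0
    space = 2.0 ** bits
    if draws > space:
        return 1.0  # pigeonhole: a repeat is certain
    exponent = draws * (draws - 1) / (2.0 * space)
    # expm1 keeps precision when the exponent is tiny (large value spaces).
    return -math.expm1(-exponent)


def draws_for_probability(bits: int, p: float) -> int:
    """Approximate number of draws at which the collision probability
    reaches p (inverse of the birthday approximation above)."""
    if not 0.0 < p < 1.0:
        raise ValueError("p must be strictly between 0 and 1")
    space = 2.0 ** bits
    return math.ceil(math.sqrt(2.0 * space * math.log(1.0 / (1.0 - p))))


def summary(bits: int, draw_counts):
    """Return (draws, probability) pairs for one value size."""
    return [(n, collision_probability(bits, n)) for n in draw_counts]


if __name__ == "__main__":
    # 32-bit values: repeats are expected within a long-lived connection, so
    # "never used before" cannot be guaranteed by random choice alone.
    for n, p in summary(32, [1_000, 77_163, 1_000_000]):
        print(f"32-bit,  {n:>9} draws: P(collision) ~ {p:.6f}")
    # 160-bit (20-byte) nonce: negligible even after 2**64 draws.
    for n, p in summary(160, [2 ** 32, 2 ** 64]):
        print(f"160-bit, 2^{n.bit_length() - 1} draws: P(collision) ~ {p:.3e}")
    print("32-bit draws for 50% collision:", draws_for_probability(32, 0.5))
```
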