Randomness of Message-ID in IMDN
Eric Burger <eburger@standardstrack.com> Wed, 14 May 2008 16:27 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C52D828C0FF; Wed, 14 May 2008 09:27:33 -0700 (PDT)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E47673A68A7; Wed, 14 May 2008 09:27:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.449
X-Spam-Level:
X-Spam-Status: No, score=-1.449 tagged_above=-999 required=5 tests=[AWL=1.150, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3KvGywOv1zXM; Wed, 14 May 2008 09:27:28 -0700 (PDT)
Received: from gs19.inmotionhosting.com (gs19b.inmotionhosting.com [66.117.3.189]) by core3.amsl.com (Postfix) with ESMTP id ADD5F3A67F7; Wed, 14 May 2008 09:27:28 -0700 (PDT)
Received: from [124.17.15.2] (port=45892 helo=[172.31.13.11]) by gs19.inmotionhosting.com with esmtps (TLSv1:AES128-SHA:128) (Exim 4.68) (envelope-from <eburger@standardstrack.com>) id 1JwJoU-00082C-Ob; Wed, 14 May 2008 09:26:50 -0700
Message-Id: <28AB2CB7-DE19-42B0-906C-2D900FEDFB1A@standardstrack.com>
From: Eric Burger <eburger@standardstrack.com>
To: Eric Rescorla <ekr@networkresonance.com>
In-Reply-To: <20080514154217.28E375081A@romeo.rtfm.com>
Mime-Version: 1.0 (Apple Message framework v912)
Subject: Randomness of Message-ID in IMDN
Date: Thu, 15 May 2008 00:25:38 +0800
References: <20080503211234.0377B5081A@romeo.rtfm.com> <C5B56A4A-1901-41F6-B47E-C04F51D813E6@standardstrack.com> <20080514154217.28E375081A@romeo.rtfm.com>
X-Mailer: Apple Mail (2.912)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - gs19.inmotionhosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - standardstrack.com
X-Source:
X-Source-Args:
X-Source-Dir:
Cc: secdir@mit.edu, ietf@ietf.org, simple@ietf.org, iesg@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://www.ietf.org/mailman/private/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
Thanks for your very, very quick review! On the one open item for discussion, Message-ID, I would offer (1) it is not a do-or-die situation but that (2) using a cryptographically secure random number generator. achieves the same result with better properties. Again, I will defer back to you: I know the work group will push back strong if a cryptographically secure random number generator is a resource hog. Are there memory / CPU efficient cryptographically secure random number generators? Should we give guidance to the range of numbers (i.e., 32-bits, 512-bits, 6 digits, etc.)? On May 14, 2008, at 11:42 PM, Eric Rescorla wrote: > At Wed, 14 May 2008 12:20:21 +0800, > Eric Burger wrote: >> >> Inline >> >> On May 4, 2008, at 5:12 AM, Eric Rescorla wrote: [snip] >>> S 7.1.1.1. Why does Message-ID need any randomness at all as >>> opposed >>> to uniqueness? And if it needs randomness, why is 32 enough? >> >> The randomness property makes it more difficult for malicious nodes >> guessing Message-IDs and thus being able to pass IMDNs through >> filtering mechanisms. >> >> IYHO, is 32-bits enough? You're the expert; I'm just guessing! > > So, unsurprisingly, it depends. > > Is your mental model that you have a list of n valid message-ids > "outstanding" at once and you want the probability of an attacker > guessing one to be sufficiently small? With a 32-bit space, > the chance is n/2^32. So, if you're just treating this as a > sort of spam filter, then it's probably fine. But if a single > bad message getting through is fatal, then, no, it's not. > > The other thing I would say is that if you want ids to be > unguessable, then you probably want to say that they should > be generated with a cryptographically secure random number > generator. There are lots of PRNGs that produce uniform distributions > but that are predictable and that won't do here, right? _______________________________________________ IETF mailing list IETF@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- Re-review of draft-ietf-simple-imdn Eric Rescorla
- Re: Re-review of draft-ietf-simple-imdn Eric Burger
- Re: Re-review of draft-ietf-simple-imdn Eric Rescorla
- Randomness of Message-ID in IMDN Eric Burger
- Re: Randomness of Message-ID in IMDN Eric Rescorla
- Re: Randomness of Message-ID in IMDN Eric Burger
- Re: Randomness of Message-ID in IMDN Frank Ellermann
- Re: Re-review of draft-ietf-simple-imdn Frank Ellermann
- Re: Randomness of Message-ID in IMDN Eric Rescorla
- Re: Randomness of Message-ID in IMDN Frank Ellermann
- Re: Randomness of Message-ID in IMDN Eric Burger