Re: [IPsec] I-D Action: draft-ietf-ipsecme-ikev1-algo-to-historic-08.txt

John Mattsson <john.mattsson@ericsson.com> Thu, 24 November 2022 16:08 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: Tero Kivinen <kivinen@iki.fi>, Paul Wouters <paul@nohats.ca>
CC: "ipsec@ietf.org" <ipsec@ietf.org>
Date: Thu, 24 Nov 2022 16:07:54 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/-yMwbcG3bigoOiI_-0aWwjRsBjM>

Hi,

Not too late to change. According to NIST, 2048-bit MODP Group and 224-bit Random ECP Group are MUST NOT use if the information you are protecting has a lifetime longer than 8 years (2031 - today). 1024-bit MODP is two security levels below that. I think the IETF is in general way too slow at deprecating stuff. I would love to see the following deprecated as well:

1024-bit MODP Group with 160-bit Prime Order Subgroup

1536-bit MODP Group
192-bit Random ECP Group

AUTH_HMAC_SHA1_96
PRF_HMAC_SHA1

Cheers,
John

From: IPsec <ipsec-bounces@ietf.org> on behalf of Tero Kivinen <kivinen@iki.fi>
Date: Wednesday, 23 November 2022 at 13:11
To: Paul Wouters <paul@nohats.ca>
Cc: ipsec@ietf.org <ipsec@ietf.org>
Subject: Re: [IPsec] I-D Action: draft-ietf-ipsecme-ikev1-algo-to-historic-08.txt
Paul Wouters writes:
> ps. Re-reading this draft, does anyone remember why we deprecated DH22
> (1024-bit MODP Group with 160-bit Prime Order Subgroup) but not DH2
> (also 1024 bit MODP)

From 8247:
...
   Group 2 or the 1024-bit MODP Group has been downgraded from MUST- in
   RFC 4307 to SHOULD NOT.  It is known to be weak against sufficiently
   funded attackers using commercially available mass-computing
   resources, so its security margin is considered too narrow.  It is
   expected in the near future to be downgraded to MUST NOT.

...
   Groups 22, 23, and 24 are MODP groups with Prime Order Subgroups that
   are not safe primes.  The seeds for these groups have not been
   publicly released, resulting in reduced trust in these groups.  These
   groups were proposed as alternatives for groups 2 and 14 but never
   saw wide deployment.  It has been shown that group 22 with 1024-bit
   MODP is too weak and academia have the resources to generate
   malicious values at this size.  This has resulted in group 22 to be
   demoted to MUST NOT.  Groups 23 and 24 have been demoted to SHOULD
   NOT and are expected to be further downgraded in the near future to
   MUST NOT.  Since groups 23 and 24 have small subgroups, the checks
   specified in the first bullet point of Section 2.2 of "Additional
   Diffie-Hellman Tests for the Internet Key Exchange Protocol Version 2
   (IKEv2)" [RFC6989] MUST be done when these groups are used.
...

I.e., the main reason being that group 2 was the only MUST algorithm
before, and moving it from MUST to MUST NOT while we do not have any
other algorithms as MUST was considered bad. Also the group is formed
in a deterministic way which should not make it possible that the
group is created to be weak from the beginning.

There were no such concerns for group 22, and also as there is no
way of knowing whether that group is generated as a weak group, that is
even more reason to make it MUST NOT.
--
kivinen@iki.fi
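
The receiver-side test that the quoted RFC 8247 text requires for groups 23 and 24 (RFC 6989, Section 2.2, first bullet: the peer's public value r must satisfy 1 < r < p-1 and r^q mod p = 1), as an added example that is not part of the original messages. The parameters p = 31, q = 5, g = 2 are a constructed toy group with a non-safe prime, and the function names are hypothetical; real deployments use the p, q, g values published for the group.

```python
# Toy group, constructed for illustration only:
# p - 1 = 30 = 2 * 3 * 5, so p is not a safe prime and small subgroups
# of order 2, 3 and 6 exist next to the intended order-q subgroup.
P, Q, G = 31, 5, 2          # G generates the subgroup of prime order Q


def check_peer_public(r: int, p: int, q: int) -> str:
    """Return "ok", or the reason the peer's DH public value is rejected."""
    # Range check: rejects 0, 1, p-1 (order 1 or 2) and unreduced values >= p.
    if not 1 < r < p - 1:
        return "out of range"
    # Membership check: r must lie in the order-q subgroup.
    if pow(r, q, p) != 1:
        return "not in order-q subgroup"
    return "ok"


def element_order(r: int, p: int) -> int:
    """Multiplicative order of r modulo prime p (requires 0 < r < p)."""
    n, v = 1, r % p
    while v != 1:
        v = (v * r) % p
        n += 1
    return n


def audit(values, p=P, q=Q):
    """Map each candidate public value to the verdict of the check."""
    return {r: check_peer_public(r, p, q) for r in values}


if __name__ == "__main__":
    honest = pow(G, 3, P)           # 8: a public value from a well-behaved peer
    # Constructed candidates: honest value, boundary values, an unreduced
    # value, and 5, which is in range but generates a subgroup of order 3.
    for r, verdict in audit([honest, 0, 1, P - 1, P + honest, 5]).items():
        print(f"r={r:2d}  {verdict}")
    # Without the membership check, a shared secret derived from r=5 can
    # take only element_order(5, P) distinct values.
    print("order of 5:", element_order(5, P), " order of 8:", element_order(honest, P))
```

With a safe-prime group such as group 2 or group 14, the only subgroups besides the large one have order 1 and 2, so the range check alone excludes them; the extra exponentiation is what the non-safe-prime groups cost.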
