Re: [IPsec] I-D Action: draft-fluhrer-qr-ikev2-02.txt

"Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com> Thu, 11 August 2016 13:50 UTC

From: "Scott Fluhrer (sfluhrer)" <sfluhrer@cisco.com>
To: Valery Smyslov <svanru@gmail.com>, Paul Hoffman <paul.hoffman@vpnc.org>
Thread-Topic: [IPsec] I-D Action: draft-fluhrer-qr-ikev2-02.txt
Thread-Index: AQHR7y/10NkmpxmQkkWhx9nlDv4V5aA/UmuAgAFBhqCAAINQgIACORgGgAB+/uA=
Date: Thu, 11 Aug 2016 13:50:14 +0000
Message-ID: <c01dd98b089e4f0c989954d4c0972c4e@XCH-RTP-006.cisco.com>
References: <20160805034543.15860.28796.idtracker@ietfa.amsl.com> <bd8018f8-f507-5721-5cba-976dd5a013fb@gmail.com> <04fc3cc06274464ca4b94746e50a67bc@XCH-RTP-006.cisco.com> <ac88df20-a086-6bbe-b90c-3d7bd27eb40c@gmail.com> <84F0EC1D-02BC-4892-9FC0-29B5E47A6D7F@vpnc.org> <22440.34261.193865.786849@fireball.acr.fi> <496a3c96a34741e48f8ec4d9d2e2a031@XCH-RTP-006.cisco.com> <2EB225E0-2921-43E7-90A5-B1D8329E9D66@vpnc.org> <DEC81EEA34E44A45A1D828D737D741E6@buildpc>
In-Reply-To: <DEC81EEA34E44A45A1D828D737D741E6@buildpc>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/IgACBH7GoN8fuOBajys2FaIASYY>
Cc: "ipsec@ietf.org" <ipsec@ietf.org>
Subject: Re: [IPsec] I-D Action: draft-fluhrer-qr-ikev2-02.txt

> -----Original Message-----
> From: Valery Smyslov [mailto:svanru@gmail.com]
> Sent: Thursday, August 11, 2016 2:13 AM
> To: Paul Hoffman; Scott Fluhrer (sfluhrer)
> Cc: ipsec@ietf.org
> Subject: Re: [IPsec] I-D Action: draft-fluhrer-qr-ikev2-02.txt
> 
> Hi,
> 
> >> On the other hand, we need to give people some guidance somehow...
> >
> > Do we? Who is "we"? Why is "our" guidance any better than what they
> > get from their own experts, particularly if "our" guidance gets
> > ossified in an IANA registry or RFCs that are updated slowly?
> 
> Instead of listing QR-secure (or insecure) symmetric algorithms it's probably
> better to give some generic advice on selecting symmetric crypto in presence
> of Quantum Computers.
> 
> For example (I stole the text from http://www.pqcrypto.eu.org/docs/initial-recommendations.pdf):
> 
> Symmetric systems are usually not affected by Shor's algorithm, but they are
> affected by Grover's algorithm. Under Grover's attack, the best security a
> key of length n can offer is 2^(n/2), so AES-128 offers only 2^64 post-
> quantum security. This document recommends using algorithms with 256-bit
> keys to achieve 2^128 post-quantum security.

I'll steal this text in the next version (along with a note that, while the PRFs PRF_AES128_XCBC and PRF_AES128_CMAC do accept keys larger than 128 bits, they internally convert them to 128 bit values, and hence should be considered as 128 bit algorithms).

> 
> >> There's no known Quantum attack against either (assuming long keys),
> >> and so they're in the same category as AES-256.
> >
> > That would be better stated as "There's currently no known..."
> 
> Exactly.
> 
> > --Paul Hoffman
> 
> Regards,
> Valery.
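As a worked illustration of Scott's note about PRF_AES128_CMAC accepting long keys but internally reducing them to 128 bits (an added example, not code from this thread or from the draft): the key-reduction rule below is the one RFC 4615 specifies for AES-CMAC-PRF-128, and the AES-CMAC underneath it follows RFC 4493, built on Go's standard-library AES block cipher. The 256-bit key in main is a constructed sample, not a real secret. PRF_AES128_XCBC (RFC 4434) applies an analogous rule using AES-XCBC instead of CMAC and is not implemented here.

```go
package main

import (
	"crypto/aes"
	"encoding/hex"
	"fmt"
)

const blockSize = 16

// shiftLeftGF doubles a 128-bit block the way RFC 4493 section 2.3 derives
// CMAC subkeys: shift left one bit; if the bit shifted out was set, XOR 0x87
// into the last byte.
func shiftLeftGF(in []byte) []byte {
	out := make([]byte, blockSize)
	var carry byte
	for i := blockSize - 1; i >= 0; i-- {
		out[i] = in[i]<<1 | carry
		carry = in[i] >> 7
	}
	if carry == 1 {
		out[blockSize-1] ^= 0x87
	}
	return out
}

// AESCMAC computes AES-CMAC (RFC 4493) over msg under a 128-bit key. It is
// the core of both the PRF and the RFC 4615 key-reduction step.
func AESCMAC(key, msg []byte) ([]byte, error) {
	if len(key) != blockSize {
		return nil, fmt.Errorf("AES-CMAC needs a 128-bit key, got %d bits", 8*len(key))
	}
	c, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	// Subkeys: L = AES_K(0^128), K1 = L*2, K2 = K1*2 in GF(2^128).
	l := make([]byte, blockSize)
	c.Encrypt(l, l)
	k1 := shiftLeftGF(l)
	k2 := shiftLeftGF(k1)

	n := (len(msg) + blockSize - 1) / blockSize
	complete := n > 0 && len(msg)%blockSize == 0
	if n == 0 {
		n = 1 // an empty message is processed as a single padded block
	}
	// Final block: XOR with K1 if it is full, otherwise pad 10...0 and XOR with K2.
	last := make([]byte, blockSize)
	tail := msg[(n-1)*blockSize:]
	copy(last, tail)
	if complete {
		for i := range last {
			last[i] ^= k1[i]
		}
	} else {
		last[len(tail)] = 0x80
		for i := range last {
			last[i] ^= k2[i]
		}
	}
	// CBC-MAC chain over the first n-1 blocks, then the final block.
	x := make([]byte, blockSize)
	for i := 0; i < n-1; i++ {
		for j := 0; j < blockSize; j++ {
			x[j] ^= msg[i*blockSize+j]
		}
		c.Encrypt(x, x)
	}
	for j := 0; j < blockSize; j++ {
		x[j] ^= last[j]
	}
	c.Encrypt(x, x)
	return x, nil
}

// CMACPRFKey is the key-reduction step of AES-CMAC-PRF-128 (RFC 4615 section 3):
// a 128-bit VK is used as-is; any other length is compressed to 128 bits as
// AES-CMAC(0^128, VK). A 256-bit VK therefore still keys a 128-bit algorithm.
func CMACPRFKey(vk []byte) ([]byte, error) {
	if len(vk) == blockSize {
		return append([]byte(nil), vk...), nil
	}
	return AESCMAC(make([]byte, blockSize), vk)
}

// AESCMACPRF128 is the full PRF: reduce VK to 128 bits, then CMAC the message.
func AESCMACPRF128(vk, msg []byte) ([]byte, error) {
	k, err := CMACPRFKey(vk)
	if err != nil {
		return nil, err
	}
	return AESCMAC(k, msg)
}

func main() {
	// Constructed 256-bit variable-length key (sample value, not a real secret).
	vk256, _ := hex.DecodeString("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")
	k, _ := CMACPRFKey(vk256)
	fmt.Printf("VK %d bits -> PRF key %d bits: %s\n", 8*len(vk256), 8*len(k), hex.EncodeToString(k))
	out, _ := AESCMACPRF128(vk256, []byte("IKEv2 sample input"))
	fmt.Printf("AES-CMAC-PRF-128: %s\n", hex.EncodeToString(out))
}
```

Whatever length of VK IKEv2 negotiates, every PRF_AES128_CMAC output is a function of the 16-byte value CMACPRFKey returns, so an attacker who can search 2^128 keys (or 2^64 under Grover's bound) never needs to consider the other 128 bits of a 256-bit VK; that is the reason for counting these PRFs as 128-bit algorithms.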