Re: [IPsec] Two questions about draft-ietf-ipsecme-chacha20-poly1305-00

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 27 April 2015 15:15 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: ipsec@ietf.org
In-Reply-To: <6E938E70-324A-424E-9D20-7067BD278165@gmail.com>
References: <20150330133237.21486.80504.idtracker@ietfa.amsl.com> <6E938E70-324A-424E-9D20-7067BD278165@gmail.com>
X-Mailer: MH-E 8.6; nmh 1.3-dev; GNU Emacs 24.4.2
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha1"; protocol="application/pgp-signature"
Date: Mon, 27 Apr 2015 11:14:55 -0400
Message-ID: <20705.1430147695@sandelman.ca>
Sender: mcr@sandelman.ca
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipsec/mBesmUgE2qB0N1uygn0BUZ0qFQQ>
Subject: Re: [IPsec] Two questions about draft-ietf-ipsecme-chacha20-poly1305-00

Yoav Nir <ynir.ietf@gmail.com> wrote:
    > Second issue is about UI advice. Some implementations (yes, mine is
    > included) allow the user to configure encryption algorithm, MAC
    > algorithm, and D-H group. There is no setting for PRF since such UIs
    > date back to IKEv1. The PRF is usually just taken from the setting for
    > MAC algorithm. This works fine as long as all supported MAC algorithms
    > are HMAC, XCBC, and CMAC. AES-GCM would have the same issue, but RFC
    > 5282 makes no mention of this issue. I’m wondering if we should
    > recommend to pair this algorithm in IKE with PRF_HMAC_SHA2_256.

So, in this case, if you wanted to not change your UI, maybe you would tell
the user to configure
    encryption-algorithm=Chacha20-Poly1305
    MAC=HMAC-SHA2
    DH=whatever

the MAC would not apply to IPsec at all?

I guess if we are deploying this algorithm with the concern that HMAC-SHA2/AES
might become weak, that it would seem odd to depend upon SHA2 as the PRF.
At least, users might not understand.

(noting that SHA2 != HMAC-SHA2, and also that the inputs to the PRF are not
very easily manipulated...)

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-
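As an added example (not code from this thread or from either author's implementation), the functions below sketch how a three-knob UI of the kind Yoav describes (encryption, MAC, DH group, no PRF setting) might build its IKEv2 transform sets: with an AEAD cipher such as ChaCha20-Poly1305 the INTEG transform drops out of both the IKE and ESP proposals, yet the IKE SA still needs a PRF, so the MAC setting either has to double as the PRF choice or a default pairing (PRF_HMAC_SHA2_256, as floated in the thread) has to fill the gap. The `UiConfig` class, the MAC-to-PRF table and the DH group string are assumptions for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Optional

# IKEv2 transform names from the IANA registry (RFC 7296, RFC 7634).
AEAD_CIPHERS = {"ENCR_AES_GCM_16", "ENCR_CHACHA20_POLY1305"}

# Assumed MAC-to-PRF mapping of a legacy UI that has no PRF knob: HMAC,
# XCBC and CMAC each have a PRF counterpart, so the MAC setting doubles as PRF.
MAC_TO_PRF = {
    "AUTH_HMAC_SHA2_256_128": "PRF_HMAC_SHA2_256",
    "AUTH_AES_XCBC_96": "PRF_AES128_XCBC",
    "AUTH_AES_128_CMAC_96": "PRF_AES128_CMAC",
}

# Pairing suggested in the thread for AEAD ciphers when no MAC is configured.
DEFAULT_AEAD_PRF = "PRF_HMAC_SHA2_256"


@dataclass
class UiConfig:
    """Hypothetical three-knob UI: cipher, MAC (None if hidden), DH group."""
    encryption: str
    mac: Optional[str]
    dh_group: str


def ike_transforms(cfg: UiConfig) -> Dict[str, str]:
    """Transform set for the IKE SA proposal (transform type -> name)."""
    transforms = {"ENCR": cfg.encryption, "D-H": cfg.dh_group}
    if cfg.encryption in AEAD_CIPHERS:
        # AEAD: no INTEG transform, but the IKE SA still needs a PRF, and
        # the only sources are the MAC setting or a fixed default.
        transforms["PRF"] = MAC_TO_PRF[cfg.mac] if cfg.mac else DEFAULT_AEAD_PRF
    else:
        if cfg.mac is None:
            raise ValueError("non-AEAD cipher requires a MAC algorithm")
        transforms["INTEG"] = cfg.mac
        transforms["PRF"] = MAC_TO_PRF[cfg.mac]
    return transforms


def esp_transforms(cfg: UiConfig) -> Dict[str, str]:
    """Transform set for the ESP proposal; with an AEAD the MAC is unused."""
    transforms = {"ENCR": cfg.encryption, "ESN": "No ESN"}
    if cfg.encryption not in AEAD_CIPHERS:
        if cfg.mac is None:
            raise ValueError("non-AEAD cipher requires a MAC algorithm")
        transforms["INTEG"] = cfg.mac
    return transforms
```

Feeding it Michael's suggested configuration (ChaCha20-Poly1305, HMAC-SHA2, any DH group) yields an ESP proposal with no INTEG transform at all, while the IKE proposal still carries PRF_HMAC_SHA2_256 derived from the otherwise unused MAC setting.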