RE: RE: RE: about security level evaluation of draft-zhou-6man-mhash-cga-00

Christian Huitema <huitema@microsoft.com> Mon, 09 April 2012 06:13 UTC

Return-Path: <huitema@microsoft.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D645611E8076 for <ipv6@ietfa.amsl.com>; Sun, 8 Apr 2012 23:13:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jXtaU1gfk-PA for <ipv6@ietfa.amsl.com>; Sun, 8 Apr 2012 23:13:08 -0700 (PDT)
Received: from db3outboundpool.messaging.microsoft.com (db3ehsobe001.messaging.microsoft.com [213.199.154.139]) by ietfa.amsl.com (Postfix) with ESMTP id A324111E8074 for <ipv6@ietf.org>; Sun, 8 Apr 2012 23:12:50 -0700 (PDT)
Received: from mail115-db3-R.bigfish.com (10.3.81.251) by DB3EHSOBE002.bigfish.com (10.3.84.22) with Microsoft SMTP Server id 14.1.225.23; Mon, 9 Apr 2012 06:12:49 +0000
Received: from mail115-db3 (localhost [127.0.0.1]) by mail115-db3-R.bigfish.com (Postfix) with ESMTP id 764C24E03CF; Mon, 9 Apr 2012 06:12:49 +0000 (UTC)
X-SpamScore: 0
X-BigFish: VS0(zzzz1202hzzz2fh2a8h668h839h944hd25h)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC107.redmond.corp.microsoft.com; RD:none; EFVD:NLI
Received-SPF: pass (mail115-db3: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=huitema@microsoft.com; helo=TK5EX14HUBC107.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail115-db3 (localhost.localdomain [127.0.0.1]) by mail115-db3 (MessageSwitch) id 1333951967579891_16120; Mon, 9 Apr 2012 06:12:47 +0000 (UTC)
Received: from DB3EHSMHS004.bigfish.com (unknown [10.3.81.226]) by mail115-db3.bigfish.com (Postfix) with ESMTP id 8881AC0053; Mon, 9 Apr 2012 06:12:47 +0000 (UTC)
Received: from TK5EX14HUBC107.redmond.corp.microsoft.com (131.107.125.8) by DB3EHSMHS004.bigfish.com (10.3.87.104) with Microsoft SMTP Server (TLS) id 14.1.225.23; Mon, 9 Apr 2012 06:12:47 +0000
Received: from TK5EX14MBXC272.redmond.corp.microsoft.com ([169.254.2.3]) by TK5EX14HUBC107.redmond.corp.microsoft.com ([157.54.80.67]) with mapi id 14.02.0283.004; Mon, 9 Apr 2012 06:12:43 +0000
From: Christian Huitema <huitema@microsoft.com>
To: "zhou.sujing@zte.com.cn" <zhou.sujing@zte.com.cn>
Subject: RE: RE: RE: about security level evaluation of draft-zhou-6man-mhash-cga-00
Thread-Topic: RE: RE: about security level evaluation of draft-zhou-6man-mhash-cga-00
Thread-Index: AQHNDCUWKLxARtLzBUSojhXcXZo3xpZ+nkYwgAD6AICAANIHoIARoPiAgAAKz4A=
Date: Mon, 9 Apr 2012 06:12:42 +0000
Message-ID: <C91E67751B1EFF41B857DE2FE1F68ABA03CE6CF5@tk5ex14mbxc272.redmond.corp.microsoft.com>
References: <C91E67751B1EFF41B857DE2FE1F68ABA03CD1BAE@tk5ex14mbxc272.redmond.corp.microsoft.com> <OFEB23C165.38BEF108-ON482579DB.001B4C6C-482579DB.001E383D@zte.com.cn>
In-Reply-To: <OFEB23C165.38BEF108-ON482579DB.001B4C6C-482579DB.001E383D@zte.com.cn>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.37]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Cc: "ipv6@ietf.org" <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Apr 2012 06:13:09 -0000

> But I don't agree with you in  "each trial is just as complex as finding a matching CGA address."

It is just as complex -- unless of course someone cracks the hash algorithm. Absent a published crack, we have to assume that the best method for the attacker is an exhaustive search of salt values.

Of course, we have no guarantee that the hash algorithm will not be cracked at some point in the future, and algorithm agility is indeed a desirable property.

-- Christian Huitema