Re: [kitten] SPAKE and non-deterministic RFC 3961 checksums

Benjamin Kaduk <kaduk@mit.edu> Sat, 30 September 2017 19:02 UTC

Date: Sat, 30 Sep 2017 14:02:09 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: "Henry B (Hank) Hotz, CISSP" <hbhotz@oxy.edu>
Cc: Simo Sorce <simo@redhat.com>, kitten@ietf.org
Message-ID: <20170930190208.GS96685@kduck.kaduk.org>
References: <x7d1sn5zyl8.fsf@equal-rites.mit.edu> <20170919015937.GN96685@kduck.kaduk.org> <1505920169.1143.15.camel@redhat.com> <20170923190527.GU96685@kduck.kaduk.org> <1506358991.3211.1.camel@redhat.com> <20170926022550.GZ96685@kduck.kaduk.org> <B9ED4047-4BAF-4F58-A4CF-5CE420371BB7@oxy.edu> <20170928022127.GF96685@kduck.kaduk.org> <8CDF104A-0D83-4B46-9016-E8ECA6F581D3@oxy.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/03Z4oGZz7xG44_HAbSaWhKc7-QI>
Subject: Re: [kitten] SPAKE and non-deterministic RFC 3961 checksums

On Sat, Sep 30, 2017 at 02:05:25AM -0700, Henry B (Hank) Hotz, CISSP wrote:
> 
> > On Sep 27, 2017, at 7:21 PM, Benjamin Kaduk <kaduk@MIT.EDU> wrote:
> > 
> > As I understand it, there is not much (any?) modern software that strictly
> > requires single-DES, but there are also many sites where the effort to
> > upgrade has not been expended.  Even in ATHENA.MIT.EDU, we have cross-realm
> > keys that are actively used (albeit not for terribly critical functionality)
> > that remain single-DES because of the logistical challenges involved in
> > getting both KDC administrators in contact and with a trusted channel.
> > 
> > -Ben
> 
> I know that kind of thing can be much harder than it seems it should. OTOH, do you think that difficulty (as a specific example) should prevent us from stipulating "no 1des with SPAKE"?

No, I don't think examples of that sort should prevent us from placing
that restriction on SPAKE usage.

-Ben