Re: [sasl] MOGGIES Proposed Charter
Tom Yu <tlyu@MIT.EDU> Fri, 21 May 2010 22:43 UTC
Return-Path: <tlyu@mit.edu>
X-Original-To: kitten@core3.amsl.com
Delivered-To: kitten@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4F1F23A6A59; Fri, 21 May 2010 15:43:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.867
X-Spam-Level:
X-Spam-Status: No, score=-0.867 tagged_above=-999 required=5 tests=[AWL=-0.868, BAYES_50=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NpDtg10-ILUk; Fri, 21 May 2010 15:43:45 -0700 (PDT)
Received: from dmz-mailsec-scanner-7.mit.edu (DMZ-MAILSEC-SCANNER-7.MIT.EDU [18.7.68.36]) by core3.amsl.com (Postfix) with ESMTP id 02C1E3A6942; Fri, 21 May 2010 15:43:44 -0700 (PDT)
X-AuditID: 12074424-b7b9dae000002832-1e-4bf70c9af6bc
Received: from mailhub-auth-1.mit.edu (MAILHUB-AUTH-1.MIT.EDU [18.9.21.35]) by dmz-mailsec-scanner-7.mit.edu (Symantec Brightmail Gateway) with SMTP id 65.0A.10290.A9C07FB4; Fri, 21 May 2010 18:43:38 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id o4LMhblE031336; Fri, 21 May 2010 18:43:37 -0400
Received: from cathode-dark-space.mit.edu (CATHODE-DARK-SPACE.MIT.EDU [18.18.1.96]) (authenticated bits=56) (User authenticated as tlyu@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id o4LMhZgV020165 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 21 May 2010 18:43:36 -0400 (EDT)
Received: (from tlyu@localhost) by cathode-dark-space.mit.edu (8.12.9.20060308) id o4LMhZ5Q004255; Fri, 21 May 2010 18:43:35 -0400 (EDT)
To: Nicolas Williams <Nicolas.Williams@oracle.com>
Subject: Re: [sasl] MOGGIES Proposed Charter
References: <20100518191521.GL9429@oracle.com> <201005202238.o4KMcML6028897@fs4113.wdf.sap.corp> <20100520225647.GX9605@oracle.com>
From: Tom Yu <tlyu@MIT.EDU>
Date: Fri, 21 May 2010 18:43:35 -0400
In-Reply-To: <20100520225647.GX9605@oracle.com> (Nicolas Williams's message of "Thu, 20 May 2010 17:56:47 -0500")
Message-ID: <ldvy6fc3mg8.fsf@cathode-dark-space.mit.edu>
Lines: 31
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Brightmail-Tracker: AAAAAA==
Cc: kitten@ietf.org, tim.polk@nist.gov, sasl@ietf.org
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 May 2010 22:43:46 -0000
Nicolas Williams <Nicolas.Williams@oracle.com> writes: > On Fri, May 21, 2010 at 12:38:22AM +0200, Martin Rex wrote: > >> What changes over time is the amount of "strength" that one considers >> secure. > > Not only. Cryptanalysis progresses and the relative strengths of > various algorithms can vary. > > I abhor anything remotely like a quantification of cryptographic > strength, and will for the forseeable future. The meaning of "security strength" can be made fairly precise by definitions involving, for example, the base 2 logarithm of the time or space complexity of attacking an algorithm, e.g., NIST SP 800-57, Part 1, Section 5.6.1. That text gives the example of three-key triple DES, which has 168 bits of key material and has 112 bits of effective security strength. Yes, this means that you may have to revise the numeric "security strength" that you report for a given cryptographic association as new cryptanalytic attacks are discovered, but you would have to do that anyway with a non-numeric method of reporting "security strength". As I understand it, defeating an algorithm with a security strength of 128 bits approaches or exceeds reasonable information-theoretic bounds on the computational capacity of the universe, unless you consider quantum computing to be a credible threat. I expect that the amount of "strength" that we consider secure is unlikely to change unless tremendous advances occur in the realm of quantum computing.
- MOGGIES Proposed Charter Shawn Emery
- Re: MOGGIES Proposed Charter Simon Josefsson
- Re: MOGGIES Proposed Charter Alexey Melnikov
- Re: [sasl] MOGGIES Proposed Charter Alexey Melnikov
- Re: MOGGIES Proposed Charter Simon Josefsson
- Re: MOGGIES Proposed Charter Alexey Melnikov
- Re: [sasl] MOGGIES Proposed Charter Simon Josefsson
- Re: [sasl] MOGGIES Proposed Charter Nicolas Williams
- Re: [sasl] MOGGIES Proposed Charter Jeffrey Altman
- Re: [sasl] MOGGIES Proposed Charter Nicolas Williams
- Re: [sasl] MOGGIES Proposed Charter Jeffrey Hutzelman
- Re: [sasl] MOGGIES Proposed Charter Nicolas Williams
- Re: [sasl] MOGGIES Proposed Charter Jeffrey Hutzelman
- Re: MOGGIES Proposed Charter Simon Josefsson
- Re: MOGGIES Proposed Charter Andrew Bartlett
- Re: [sasl] MOGGIES Proposed Charter Alexey Melnikov
- Re: [sasl] MOGGIES Proposed Charter Alexey Melnikov
- Re: MOGGIES Proposed Charter Jeffrey Hutzelman
- Re: [sasl] MOGGIES Proposed Charter Martin Rex
- Re: [sasl] MOGGIES Proposed Charter Nicolas Williams
- Re: MOGGIES Proposed Charter< Martin Rex
- Re: [sasl] MOGGIES Proposed Charter Tom Yu
- Re: [sasl] MOGGIES Proposed Charter Nicolas Williams
- Re: [sasl] MOGGIES Proposed Charter Arnt Gulbrandsen
- Re: [sasl] MOGGIES Proposed Charter Nicolas Williams
- Re: [sasl] MOGGIES Proposed Charter Kurt Zeilenga
- Re: MOGGIES Proposed Charter< Sam Hartman
- Re: [sasl] MOGGIES Proposed Charter Leif Johansson
- Re: MOGGIES Proposed Charter Leif Johansson