Re: [kitten] New EncTypes?

"Henry B (Hank) Hotz, CISSP" <hbhotz@oxy.edu> Thu, 19 November 2015 03:24 UTC

From: "Henry B (Hank) Hotz, CISSP" <hbhotz@oxy.edu>
In-Reply-To: <alpine.GSO.1.10.1511182134350.26829@multics.mit.edu>
Date: Wed, 18 Nov 2015 19:24:06 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <06824D7B-C3AF-4DD2-BD02-2C94EE0E0948@oxy.edu>
References: <FEF7E228-3AF4-4D12-B4B0-CFB935B5ABB5@oxy.edu> <alpine.GSO.1.10.1511182134350.26829@multics.mit.edu>
To: Benjamin Kaduk <kaduk@MIT.EDU>
X-Mailer: Apple Mail (2.2104)
Archived-At: <http://mailarchive.ietf.org/arch/msg/kitten/sGbkuUQ-Ow2BGsB4Ri06rpDSX1c>
Cc: "kitten@ietf.org <kitten@ietf.org>" <kitten@ietf.org>
Subject: Re: [kitten] New EncTypes?

> On Nov 18, 2015, at 6:39 PM, Benjamin Kaduk <kaduk@MIT.EDU> wrote:
> 
> On Wed, 18 Nov 2015, Henry B (Hank) Hotz, CISSP wrote:
> 
>> It seems to be time to do housecleaning on algorithm selections. Is anyone interested in adding a new enctype to Kerberos?
>> 
>> Why (else)?  Speaking strictly for myself, I’d like to see a
>> mandatory-to-implement enctype that shares *nothing* with the current
>> aes-sha1-hmac stuff. I’m speaking purely strategically and not from any
>> mathematical suspicion of weakness. If someone discovers something
>> fundamentally wrong with the math behind SHA1 or AES, then it might take
>> out SHA2 or Camellia as well.
>> 
>> I have nothing specific against the “suite-B” proposal, but they’re not
>> what I’d like to see. I assume the NSA is too busy riding the “post
>> quantum” horse away from their DRBG fiasco to help finish it.
>> 
>> Just to throw some straw (just straw, not an actual strawman) on the
>> table, how about something that uses one of the European stream cipher
>> finalists with SHA-3?
> 
> I had heard mutterings elsewhere about a chacha20-poly1305 sort of thing,
> which seems potentially interesting to me.  The real question is whether
> implementors would pick up such a thing, and whether we can get consensus
> for MTI.
> 
> There are public commitments to funding at least one implementation of the
> aes-cts-hmac-sha2 proposal, but I don't think I've heard anything one way
> or the other about a completely novel enctype.

It’s the difference between fixing known weaknesses and (trying) to protect against unknown ones.

>> Finally, is anyone interested in doing a die-die-die draft for triple-des, or rc4?
> 
> There is already
> https://tools.ietf.org/html/draft-kaduk-kitten-des-des-des-die-die-die-00

OK, love the name. ;-) On quick scan the content looks good too. I guess I missed it because I didn’t have my current job yet, and my life was a bit unstable.

I’ll certainly put in a strong second as being supportive of that draft (with TBD nits). However, as several have said on saag, we need to make sure we have enough good algorithms available if we want to deprecate algorithms.

> -Ben


Personal:  hbhotz@oxy.edu
Business: hhotz@securechannels.com