IETF Logo Mail Archive

Re: [Lake] Ways forward on MTI cipher suite text

Göran Selander <goran.selander@ericsson.com> Mon, 24 January 2022 11:03 UTC

Return-Path: <goran.selander@ericsson.com>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BECE03A0D44 for <lake@ietfa.amsl.com>; Mon, 24 Jan 2022 03:03:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.676
X-Spam-Level:
X-Spam-Status: No, score=-2.676 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.576, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ihUFVS6FZjJI for <lake@ietfa.amsl.com>; Mon, 24 Jan 2022 03:03:53 -0800 (PST)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60043.outbound.protection.outlook.com [40.107.6.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AEA23A0D41 for <lake@ietf.org>; Mon, 24 Jan 2022 03:03:51 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dt5OFwys8NHzotZRvsrk6EASv33D2r/bWHbZAAyJPGYkbI79XrMi+DsdImWWnsy0d2hjpJ/eGvIlYNDFBbOKrMB4lfmRq6PXbK05k8ZdllDyAQ+yCO5eu+4qjKX5SlDPh70Kof/kj1UjTPOKZhyDn1UJ8urwgxLdRImwYW4WEho8SU+LZ649Mem3l6Ndklbng3fnd+eD0VSalDMGW7ovs9EWj+llyyjJF9zt8R0Jtggp7oulUxPONWqSf8jZp3Z956dNYEKfnF+ChjHUnuu1LFJLZMk46EJ29rPxmoMJ2EGSG0GCr5QiZGv7AsjHCr1JwumlXNhUO0QqL5nLtJJ+0g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pwEfklXbvDKlM78KSy5RcDxM//NxucOVWWbyKcA0upE=; b=EihqY5g93xP9lPV8x2nzmSoAO9eYE00MNrknNASHW6NwhtorYY2DoINIn5//dZY0Ss17L61Xxt+lQ/bZ3PTIhpGsFPiX8WJMoJP9/whNAvZcp97WKcvNZvrejKi+dT5XD0hMmSbP4qT3Ttfeqv0rbYrcevBepa4S6WT6pyDswh3augmpyhBgjCehpP15nIPma6ByWOK/XX89hhwUZ/1FTKjMeJCYTtKkXx26nn1q3ssX2RdmfPSCdTrM+FZfrJP3B6eRag74UVrHVVu67pVFrJ554wJ9XuUPLWl0aKv+d8llUpRjM0DJIXzeX6p2gtdUQ4TWCVfV2C/JENIUIrQU5w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pwEfklXbvDKlM78KSy5RcDxM//NxucOVWWbyKcA0upE=; b=DzenfbhSmVRKU10Qzdd+oEsSrVR5+OWK1aLHNrR9ESiKlwLvFZX2sEoDRow7zweytFZ4ToGWyXb4hV83m0pG07MTQ4ECXxm2mwNZu25SPYs0Zggn4zowysu7QG5AQT/bG0sq5wVitdCpsTjMVjSj1jKtLzGjWhhmLZ9meKxaaq0=
Received: from AM4PR0701MB2195.eurprd07.prod.outlook.com (2603:10a6:200:45::6) by PR3PR07MB6684.eurprd07.prod.outlook.com (2603:10a6:102:2f::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4930.4; Mon, 24 Jan 2022 11:03:48 +0000
Received: from AM4PR0701MB2195.eurprd07.prod.outlook.com ([fe80::7c02:9e9:ecd3:ed36]) by AM4PR0701MB2195.eurprd07.prod.outlook.com ([fe80::7c02:9e9:ecd3:ed36%7]) with mapi id 15.20.4930.014; Mon, 24 Jan 2022 11:03:48 +0000
From: Göran Selander <goran.selander@ericsson.com>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>, "lake@ietf.org" <lake@ietf.org>
CC: Mališa Vučinić <malisa.vucinic@inria.fr>, Russ Housley <housley@vigilsec.com>
Thread-Topic: [Lake] Ways forward on MTI cipher suite text
Thread-Index: AQHYDh/KgYuIcFc38kyxyL1WH2d6e6xsWo2AgAAEBseAABIQAIAFhLYx
Date: Mon, 24 Jan 2022 11:03:48 +0000
Message-ID: <AM4PR0701MB2195B935724D8DF4EE9257D4F45E9@AM4PR0701MB2195.eurprd07.prod.outlook.com>
References: <F4461112-A859-4647-B4D5-85E83A77803B@vigilsec.com> <C7D041C5-0BA9-4C1B-908B-883EE015F4E9@ll.mit.edu>
In-Reply-To: <C7D041C5-0BA9-4C1B-908B-883EE015F4E9@ll.mit.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7d293a70-a350-4fcf-191d-08d9df293287
x-ms-traffictypediagnostic: PR3PR07MB6684:EE_
x-microsoft-antispam-prvs: <PR3PR07MB6684FABF39C972EE95F6BF0FF45E9@PR3PR07MB6684.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: G+sVEEBuXhR3vb1Tr3qGhOQbhX6gfqP0yphDpT5bRw+F6c4FnlrsNMvwU3oQf4va7y/KqUcD3aS7vCaj9QBvnNGEJSivoJX9+bTc0WwpKCo2OyO2lkeSgdEKWV8VSQg576AA41EpaYnVFfDi+sxJpey2Q1vX79dL+7Y6WKv4u3ZNVozi3g8taXJVB6AoIK24JtKMJlUPEKeYAF59oeiP07BqGEwloFhO4DEShDU5zbqCCN9BB8m25eov5i7x4fRnyaPRmRTTqbRrNdqDQqH6sUfBZ3yw7U0CY5RGhsMn43GKt9SLJOM90E69rIB8ady/M8wrztt3qr7Ao5CpIyNt2H9PwDaHnBCqq06hko8sZU66CuHsrjFaBgpaJ0tR9qLOE7QacDl5ySYvajcRQUISkdfEhTAOsDP0bK2Mr4MICC+HgUKUGxzrUQ4LIXzO228LnBCtduQ/7cO43xHvDvchAs4tcaxxWvLVmFZB1wm27sy4UE8gICD3DCX0DESsFE2zwpPKQcim99tSTkKyJ/iEc6awDutpQNMjb5fDNNn5pp7qGPW+dVzVQp2EP0XNjwOz6bGGW9kZvTIUslkd6R2bX9aCKLKLWvihh3vfD5ZhDtOZCKQq6C72uq8YszUSqxFNNV2fMnbU7eChhVH0pIkqej9h6It24SYAdc1y4Ratlb63liytsuBvSDV+XRYpyDEVyDEQ2q05tunfYWgZYBL35BhFfvM0WWGcGqT4cykBh+eNeyLjqQQ75NINCLw1YKHREA4c9VsrUBSA6u0LVykiJH4YFEDPiyKW8qcpdDhCbwxweR/wU982ze4ug1YcGFddEr/LMgC/mMyr/L3/KtIdDh7EwD8qUYcM5xobjkOQ4vu2CQw/oaTIDKbf9u4vhtZH
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM4PR0701MB2195.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(966005)(85182001)(26005)(186003)(33656002)(85202003)(508600001)(2906002)(7696005)(83380400001)(71200400001)(6506007)(122000001)(76116006)(66574015)(86362001)(53546011)(5660300002)(64756008)(38070700005)(38100700002)(82960400001)(91956017)(110136005)(54906003)(166002)(316002)(8936002)(8676002)(66476007)(9686003)(4326008)(66556008)(66946007)(55016003)(66446008)(52536014)(20210929001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: LrYp+olP8oIGKxdjB/bJZeMeRCOBV6VLQ45tDh87PmF0+K52dIwc3mYiWGrRRMycTY7iVLYSLqdcvbjj4XBDT5A/LfZGKTQ2NcFDHU5no1fcN9XKFf9XTUWm5MKhFNVw3pomIMVxZebPI3F0ZpRThdf/uZfres2duwdTJpLCEo7tVG0plIrkOUdAOMNeE85U1f70dGpC5cH1exkQwE+R/kzNKz7sqefVna6RtoZvdIV+6E8hYTQVV2KKTcqtAXyY7iLMvXIwL97NB7fTqBksQf9mGF6eY2inMtj0l0nr+soupAj6F/yQbhlVAkPqOoUYgXjWxxLNqp304djmCTzSN/SjmCNTvwJbynpoYQykUyqodV+oBhjdiku0N51gobSKTr5gP0adUc5SMDc8pCWHniW2cn51otsEPAxQi9kWmsm7Ygq95NZR5700T0AGjonnG9ReCWo2t0QhPfVqtbWK4atFniKoTXWEwXyPVtl+GRqRAbaCwqHP+pMcGJzHeOKFERkPkzfvN33oSsJltq9ip79uE4KlYACDc3qc5JcKgExlP3Y164ondDDWej9XnekN4iL9UxChLSNjTJRwv/61TJw6n2xWRBkna84X7uuV7r0KGsGuy1TIHrxDFaWIZJgiPXRh/kJ4J2i5jDzZAxX9HVzKB2qaGThs/TgkfMTwPMjIYGWT1Dc2vmgwaovTrtG/h8yQuixLjBjcWeAmeFGg1EvKiQ14o2nB7Co2aChfgIrORzGqL6HjcsJ9HZHsJHfNP/eZyBSqV4GxyhKp0LjFhzwXi4kaGtgfFLXm/ZneHl2VTjI1nNg/ztadathG0z23V2s3zlh3sbwklA56PgcW3bTmZMZB/W7MRwR58RYhYrOwfX7QsGACkjqnMuNWDqqs3quANZBERaaRoNYvoHvvQbB2IUE7qYETyv6SVMPiZ4llIPQ9jC+h+CZ6j/ujzx5obvqiGISCS8hey9OkLqeZQ6MDnLK4jCIge2sKUFj8M2vK53g52jBW19VTl0AJlJetjwnyfpbpFUB5wuWiztLFI8ot04y1COB7dVPibJ1cEfMipjRjDyAecZESbYx8028nDIFuOtxVm6rpleneiX0sUX7GdChzEYyUz0+jcN+s0uQQPoIM5naP/iAuQdQgib7LTkZ+NPPGevl5wO3XwfDu5OLxr5nOYAfjB0t1XtapcDFLWpjuWr8IWdJ5KGAcSfSjr3533WBF5/sM3Po/il6/DEk7OblFMJpoPoSERxoGdaAH7hxE/xPDWNqdOF8BI/P8wUX/0aqGK8ofQMJd72gu+14AGWdAqkcSTaT7Q3iJIGXAnf0KiBdaXrwdYHO1iAZrq79r7EhDfgOITyja5gWMTCSmOcnsrQdFDxTL8BA+/HwM+w31km4FHAG+3Mj5hIwCHy0qVfNTbFYBYq5sfm8Eq4UHfXwlZucnCQ+IfdKqy8Xq0tQJ8ftXVEtmamPI1ohEYn30K5XD9pOobxyRlJmwhvXAt4TchkiQZeeFjhpcOoqmGp9z52Pz/aQl3f25q/kOgkWyDjv+z+BF1zgFfN7aZPdJyeSvz6rM2cO7wdne9bMl/lJt6aOoaaHikA3m/l0XQKVVKTEkZtTF92AjfvGoMuln0oRZsXwbuekrdXHBNm3+yQFmRDttTG0jJ2jYaHY5vDNFCBr+D0qbBkV+FFWRWb9C3gweV564vuTSuqKgMWw=
Content-Type: multipart/alternative; boundary="_000_AM4PR0701MB2195B935724D8DF4EE9257D4F45E9AM4PR0701MB2195_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM4PR0701MB2195.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7d293a70-a350-4fcf-191d-08d9df293287
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2022 11:03:48.3534 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: d//lczmP36R/MimA90Q2h5AFHW5G4QRqzktQcFg3YxFajs1k8AuC0bV6YQvENeql+ZLQVEI4D8ko3J+r5y+YV20Lhe/PVdz/2Ztnum3s7gE=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR07MB6684
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/PlTY5o2NWtZaHZSr7WWgdTNLhYk>
Subject: Re: [Lake] Ways forward on MTI cipher suite text
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jan 2022 11:04:00 -0000

Hi Uri,

Just to see if I understand your comment, I compared your recent response with the mail from December:

https://mailarchive.ietf.org/arch/msg/lake/1ifhkgxtqIHgt2AuQ6UMytkbY-o/

I thought Option 1, i.e. having recommended by not MTI cipher suites, matched the position in the referenced email better.  Maybe I misunderstood something?

Göran


From: Lake <lake-bounces@ietf.org> on behalf of Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu>
Date: Thursday, 20 January 2022 at 22:41
To: lake@ietf.org <lake@ietf.org>
Cc: Mališa Vučinić <malisa.vucinic@inria.fr>, Russ Housley <housley@vigilsec.com>
Subject: Re: [Lake] Ways forward on MTI cipher suite text
I agree with Russ, and support “sole“ MTI 2/3.

TNX

Regards,
Uri

> On Jan 20, 2022, at 15:37, Russ Housley <housley@vigilsec.com> wrote:
>
> Selecting one MTI provides the broadest possible interoperability.  I think it would be harmful at this stage to divide the implementers into 0/1 and 2/3.
>
> Russ
>
>> On Jan 20, 2022, at 3:33 PM, Mališa Vučinić <malisa.vucinic@inria.fr> wrote:
>>
>> Russ,
>>
>> Thanks for your feedback. Could you state any technical arguments why do you believe that would be the best way forward?
>>
>> Mališa
>>
>>>> On 20 Jan 2022, at 21:22, Russ Housley <housley@vigilsec.com> wrote:
>>>
>>> I would prefer to see one MTI (Option 2).  I can live with that MIT being 0/1 or 2/3, and I have a mild preference for 2/3.
>>>
>>> Russ
>>>
>>>
>>>> On Jan 20, 2022, at 12:03 PM, Mališa Vučinić <malisa.vucinic@inria.fr> wrote:
>>>>
>>>> Dear all,
>>>>
>>>> During the last LAKE interim meeting, we discussed the issue
>>>> of an MTI cipher suite and we agreed for the chairs to open a
>>>> thread on the subject. As a reminder, the previous discussion
>>>> points on this topic are summarized in github [1] and in
>>>> John’s mail dated 13 May 2021 [2].
>>>>
>>>> We’d like to see if there is rough consensus in the WG on
>>>> this topic, at this moment in time. Knowing that the formal
>>>> analysis of the EDHOC-12 specification is under way, we
>>>> should keep in mind that additional input may arrive down the
>>>> road from teams working in the computational model.
>>>>
>>>> As a reminder, the most recently discussed text for this
>>>> is in a PR [3] and states:
>>>>
>>>> “For many constrained IoT devices it is problematic to support several crypto primitives. Existing devices can be expected to support either ECDSA or EdDSA. Cipher suites 0 (AES-CCM-16-64-128, SHA-256, 8, X25519, EdDSA, AES-CCM-16-64-128, SHA-256) and 1 (AES-CCM-16-128-128, SHA-256, 16, X25519, EdDSA, AES-CCM-16-64-128, SHA-256) only differ in size of the MAC length, so supporting one or both of these is no essential difference. Similarly for cipher suites 2 (AES-CCM-16-64-128, SHA-256, 8, P-256, ES256, AES-CCM-16-64-128, SHA-256) and 3 (AES-CCM-16-128-128, SHA-256, 16, P-256, ES256, AES-CCM-16-64-128, SHA-256). To enable as much interoperability as possible, less constrained devices SHOULD implement all four cipher suites 0-3. Constrained endpoints SHOULD implement cipher suites 0 and 1, or cipher suites 2 and 3. Implementations only need to implement the algorithms needed for their supported methods.”
>>>>
>>>> The options we see at this moment in time are:
>>>>
>>>> Option 1: Keep current text as-is unless/until more feedback
>>>> is provided that motivates re-opening this issue
>>>> Option 2: Proceed with selecting a single MTI cipher suite
>>>>
>>>> We'd like to know if the WG can live with Option 1. Note that
>>>> doesn't mean you think option 1 is perfect, just that it's
>>>> something with which you can live. If you prefer option 2 or
>>>> some other option please suggest specific text.
>>>>
>>>> Mališa and Stephen
>>>>
>>>> [1] https://github.com/lake-wg/edhoc/issues/22
>>>> [2] https://mailarchive.ietf.org/arch/msg/lake/75nRaD6czYG6RqLT06Qe8C_lsaM/
>>>> [3] https://github.com/lake-wg/edhoc/pull/225/files
>>>
>>
>
> --
> Lake mailing list
> Lake@ietf.org
> https://www.ietf.org/mailman/listinfo/lake

v2.23.0 | Report a Bug | By Email