Re: [Lake] [lake-wg/reqs] Placeholder for resumption (e743c87)
Michael Richardson <mcr+ietf@sandelman.ca> Mon, 10 February 2020 12:18 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: lake@ietfa.amsl.com
Delivered-To: lake@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3DDB21200C7 for <lake@ietfa.amsl.com>; Mon, 10 Feb 2020 04:18:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Myawphfm0pf for <lake@ietfa.amsl.com>; Mon, 10 Feb 2020 04:18:50 -0800 (PST)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 338511200E5 for <lake@ietf.org>; Mon, 10 Feb 2020 04:18:49 -0800 (PST)
Received: from dooku.sandelman.ca (unknown [46.114.36.154]) by relay.sandelman.ca (Postfix) with ESMTPS id CE98B1F459 for <lake@ietf.org>; Mon, 10 Feb 2020 12:18:46 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id 465531A092C; Mon, 10 Feb 2020 13:18:44 +0100 (CET)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: lake@ietf.org
In-reply-to: <lake-wg/reqs/commit/e743c873a24f03c88019df5ca275660677f56e8a/37200172@github.com>
References: <lake-wg/reqs/commit/e743c873a24f03c88019df5ca275660677f56e8a@github.com> <lake-wg/reqs/commit/e743c873a24f03c88019df5ca275660677f56e8a/37200172@github.com>
Comments: In-reply-to ekr <notifications@github.com> message dated "Sun, 09 Feb 2020 15:02:06 -0800."
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 25.2.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Mon, 10 Feb 2020 13:18:44 +0100
Message-ID: <23690.1581337124@dooku>
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/mFZrXKTIXzriB2ZVClKKqxJGiz0>
Subject: Re: [Lake] [lake-wg/reqs] Placeholder for resumption (e743c87)
X-BeenThere: lake@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lake>, <mailto:lake-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lake/>
List-Post: <mailto:lake@ietf.org>
List-Help: <mailto:lake-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lake>, <mailto:lake-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Feb 2020 12:18:52 -0000
Taking this to the list.
ekr> This seems like generally good text, but I feel like perhaps there is
ekr> another angle on it, specifically, whether it should be possible to do
ekr> a new AKE exchange efficiently.
> Perhaps
> "The AKE shall provide a mechanism to use the output of one handshake
> to optimize future handshakes, e.g., by generating keying material
> which can be used to authenticate a future handshake, thus avoiding the
> need for public key authentication in that handshake".
EKR, there is some subtly here.
The text speaks about avoiding public key authentication.
I'm unclear if that include DH exponentiation or not.
Your question begs a more general question, which I think speaks to 'session
resumption' situation, I think.
And I guess there is distinction between:
1) avoiding expensive authentication, assuming a round for PFS.
2) avoiding expensive authentication, no PFS
3) re-establishing state after a restart, or a long sleep.
(the responder might have expired the session data)
4) doing an exchange to rekey for PFS
(3) is different in a connectionless CoAP situation where there isn't a TCP
session to maintain. Do we include mechanism in AKE, integrating into
OSCORE, such the responder initiates a session resume when it sees an OSCORE
context that it does not recognize?
--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
- Re: [Lake] [lake-wg/reqs] Placeholder for resumpt… Michael Richardson
- Re: [Lake] [lake-wg/reqs] Placeholder for resumpt… Eric Rescorla
- Re: [Lake] [lake-wg/reqs] Placeholder for resumpt… Michael Richardson
- Re: [Lake] [lake-wg/reqs] Placeholder for resumpt… Göran Selander