Re: [Lake] Lake charter call for comments

Göran Selander <goran.selander@ericsson.com> Tue, 10 September 2019 10:17 UTC

From: Göran Selander <goran.selander@ericsson.com>
To: "Salz, Rich" <rsalz@akamai.com>, Benjamin Kaduk <kaduk@mit.edu>, "lake@ietf.org" <lake@ietf.org>
Date: Tue, 10 Sep 2019 10:16:59 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/rH2HHbtdm8JNhfjtVgIEDulSC6I>

Hi Rich,

Security requirements are of course part of the requirements activity in the WG. It is not clear to me what additional security requirements we need to put into the charter.

The crypto and key length requirements I can think of in the charter are either more or less obvious or require further analysis. In the obvious category, the LAKE must support the use and negotiation of adequate cipher suite and key lengths, ECC, etc.

Stating in a general way what is an adequate cipher suite and key length seems more difficult to do in the charter. Stanislav Smyshlyaev in his CFRG review of EDHOC [1] raised the question of a suite with P224 as a lightweight alternative. This illustrates a tradeoff between key length and message size, but this is still a question. (I don't propose we put the analysis of such tradeoffs in the charter, but leave this to the WG to analyse, if appropriate.)

Göran

[1] https://mailarchive.ietf.org/arch/msg/cfrg/2OY2om1FjhNNBmUzwYJroHv7eWQ


On 2019-09-09, 18:50, "Lake on behalf of Salz, Rich" <lake-bounces@ietf.org on behalf of rsalz@akamai.com> wrote:

    No mention of minimum security requirements that must be met?
    
    Would we take 1K public-keys or 3DES?
    
    