Re: [Lurk] draft-erb-lurk-rsalg

"Salz, Rich" <rsalz@akamai.com> Wed, 01 June 2016 17:09 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: "emile.stephan@orange.com" <emile.stephan@orange.com>
Date: Wed, 01 Jun 2016 17:09:26 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/lurk/11GTXJqX_B5lKWKZdgbAHDweSNg>
Cc: "lurk@ietf.org" <lurk@ietf.org>
Subject: Re: [Lurk] draft-erb-lurk-rsalg

One round-trip per PMS computation.

--
Senior Architect, Akamai Technologies
IM: richsalz@jabber.at Twitter: RichSalz

From: emile.stephan@orange.com [mailto:emile.stephan@orange.com]
Sent: Wednesday, June 01, 2016 11:08 AM
To: Salz, Rich
Cc: lurk@ietf.org
Subject: RE: draft-erb-lurk-rsalg


Hi Rich,

How many flights are there in the following:

   The basic premise of RSALG is that in the TLS_RSA_* handshakes:

   o  The KeyOwner will not decrypt the PMS and provide it back to the
      Server.  Instead, the KeyOwner will fully compute the Master Secret
      (via the PRF function) and provide that.

   o  The Server will choose a random ephemeral value, N, and provide a
      cryptographically-hashed value of (such as SHA256(N)) as its
      Server Random value.  The Server sends N to KeyOwner which then
      computes the same hashed value and uses that hash as its input to
      the PRF.

Regards
Emile



-----Original Message-----
From: Salz, Rich [mailto:rsalz@akamai.com]
Sent: Wednesday, 25 May 2016 19:54
To: STEPHAN Emile IMT/OLN; lurk@ietf.org
Subject: RE: draft-erb-lurk-rsalg

> I was reading section 3.2. Do you have more details on the flights?

Not sure what you mean, sorry.

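
The mechanism in the quoted draft text, as an added example that is not part of this thread or of the draft: the Server puts SHA256(N) on the wire as its Server Random, and the KeyOwner recomputes that hash from N before running the PRF, answering in one request and one response. It assumes the TLS 1.2 PRF with HMAC-SHA256 (RFC 5246) and takes the already-decrypted PMS as input, with RSA decryption left out; all function names are hypothetical.

```python
import hashlib
import hmac
import os


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5, instantiated with HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def master_secret(pms: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """TLS 1.2 master secret: PRF(pms, "master secret", CR + SR), 48 bytes."""
    return p_sha256(pms, b"master secret" + client_random + server_random, 48)


def server_choose_random() -> tuple[bytes, bytes]:
    """Server side: pick N, use SHA256(N) as the Server Random sent to the client."""
    n = os.urandom(32)
    return n, hashlib.sha256(n).digest()


def keyowner_handle(pms: bytes, client_random: bytes, n: bytes) -> bytes:
    """KeyOwner side (hypothetical name): hash N itself and return only the master secret.

    Assumption: pms is the PMS after RSA decryption, which this sketch omits.
    """
    if len(pms) != 48 or len(client_random) != 32 or len(n) != 32:
        raise ValueError("unexpected field length")
    return master_secret(pms, client_random, hashlib.sha256(n).digest())


if __name__ == "__main__":
    # Constructed sample values, not taken from a real handshake.
    pms = b"\x03\x03" + os.urandom(46)
    client_random = os.urandom(32)
    n, server_random = server_choose_random()
    ms = keyowner_handle(pms, client_random, n)
    print("agrees with handshake:", ms == master_secret(pms, client_random, server_random))
    print("wire Server Random sent as N agrees:",
          keyowner_handle(pms, client_random, server_random) == ms)
```

A request that carries the on-the-wire Server Random in place of N makes the KeyOwner run the PRF over SHA256(SHA256(N)), so the value it returns differs from the master secret of that handshake.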