Re: [Lurk] Cryptoanalysis of KeyLess SSL

Daniel Migault <daniel.migault@ericsson.com> Tue, 02 May 2017 13:15 UTC

Return-Path: <daniel.migault@ericsson.com>
X-Original-To: lurk@ietfa.amsl.com
Delivered-To: lurk@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54320129BF9 for <lurk@ietfa.amsl.com>; Tue, 2 May 2017 06:15:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.5
X-Spam-Level:
X-Spam-Status: No, score=-1.5 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CHqr8O4Px11X for <lurk@ietfa.amsl.com>; Tue, 2 May 2017 06:15:04 -0700 (PDT)
Received: from usplmg20.ericsson.net (usplmg20.ericsson.net [198.24.6.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D396012EC16 for <lurk@ietf.org>; Tue, 2 May 2017 06:10:30 -0700 (PDT)
X-AuditID: c618062d-481ff70000000cf0-9a-5908982cb089
Received: from EUSAAHC002.ericsson.se (Unknown_Domain [147.117.188.78]) by usplmg20.ericsson.net (Symantec Mail Security) with SMTP id 34.50.03312.C2898095; Tue, 2 May 2017 16:31:12 +0200 (CEST)
Received: from EUSAAMB107.ericsson.se ([147.117.188.124]) by EUSAAHC002.ericsson.se ([147.117.188.78]) with mapi id 14.03.0339.000; Tue, 2 May 2017 09:10:26 -0400
From: Daniel Migault <daniel.migault@ericsson.com>
To: Dmitry Belyavsky <beldmit@gmail.com>, LURK BoF <lurk@ietf.org>
Thread-Topic: [Lurk] Cryptoanalysis of KeyLess SSL
Thread-Index: AQHSwB0XQcLg542q2U+dDW9ClEpGA6HhCMow
Date: Tue, 2 May 2017 13:10:25 +0000
Message-ID: <2DD56D786E600F45AC6BDE7DA4E8A8C118BD7A75@eusaamb107.ericsson.se>
References: <CADqLbzKCWg5VgEd=c0dAEdh4rGuAu-4V-2kuBdC86ZvapMnJhQ@mail.gmail.com>
In-Reply-To: <CADqLbzKCWg5VgEd=c0dAEdh4rGuAu-4V-2kuBdC86ZvapMnJhQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.12]
Content-Type: multipart/alternative; boundary="_000_2DD56D786E600F45AC6BDE7DA4E8A8C118BD7A75eusaamb107erics_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrJLMWRmVeSWpSXmKPExsUyuXSPn67BDI5Igz0reC3ObZ3FavF2jZ8D k8fOWXfZPZYs+ckUwBTFZZOSmpNZllqkb5fAldG06RlzwRTjiosft7A1MN4w7GLk4JAQMJHo uanexcjFISRwlFGiZf9LJghnGaPEtVMdrF2MnBxsAkYSbYf62UFsEQEnifOvJzCD2MIChhIb T0yEihtJ/L3xghHGPtG8BSzOIqAiMeX0ebB6XgFfiVd/FoLNFBIIkHj79QyYzSkQKHFm+Sw2 EJtRQEzi+6k1TCA2s4C4xK0n88FsCQEBiSV7IOZICIhKvHz8jxXCVpKY8/oaM0R9vsT3y61M ELsEJU7OfMIygVF4FpJRs5CUzUJSNgsYFswCmhLrd+lDlChKTOl+yA5ha0i0zpnLjiy+gJF9 FSNHaXFBTm66kcEmRmCEHJNg093BeH+65yFGAQ5GJR7eBeXskUKsiWXFlbmHGCU4mJVEeGMa OCKFeFMSK6tSi/Lji0pzUosPMUpzsCiJ8044fyFCSCA9sSQ1OzW1ILUIJsvEwSnVwMgbEeCg ZTnRXvhKyH7zvbanczdPUD13Icu9YncD45vHjwLP2AlyeLxP6WyfuGCeyeWymLSP/59nzUsu y+Qx9+yTO9XwKIbL9Z9baZjAv/b1PcmrViw6+sBb8Z7gDJNv71xzmCO/ZXHXHf43Z91Fw2v6 P7LVPuqGCE2fl71JNf1+ooaBUscRLyWW4oxEQy3mouJEAMvCtCWMAgAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/lurk/YMHYeVIawrRn8QreIcpHSHdeRqc>
Subject: Re: [Lurk] Cryptoanalysis of KeyLess SSL
X-BeenThere: lurk@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Limited Use of Remote Keys <lurk.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lurk>, <mailto:lurk-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lurk/>
List-Post: <mailto:lurk@ietf.org>
List-Help: <mailto:lurk-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lurk>, <mailto:lurk-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 May 2017 13:15:09 -0000

Thanks for posting this paper Dimitry. I went through the paper on my way to Chicago. It would be great people have a look at it and provide feed back regarding the current proposal for LURK. I will definitively revise the security consideration and clarify text according to this paper. An extended paper is also expected to be published.

Yours,
Daniel

From: Lurk [mailto:lurk-bounces@ietf.org] On Behalf Of Dmitry Belyavsky
Sent: Friday, April 28, 2017 8:41 AM
To: LURK BoF <lurk@ietf.org>
Subject: [Lurk] Cryptoanalysis of KeyLess SSL

Hello,

JFYI
http://epubs.surrey.ac.uk/813643/1/mainKeyless.pdf


--
SY, Dmitry Belyavsky