IETF Logo Mail Archive

Re: [MLS] KDF instead of hashing up the tree

Benjamin Beurdouche <benjamin.beurdouche@inria.fr> Fri, 08 February 2019 13:07 UTC

Return-Path: <benjamin.beurdouche@inria.fr>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 213C912EB11 for <mls@ietfa.amsl.com>; Fri, 8 Feb 2019 05:07:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ibrXpxsBF-5h for <mls@ietfa.amsl.com>; Fri, 8 Feb 2019 05:07:46 -0800 (PST)
Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 60F441288BD for <mls@ietf.org>; Fri, 8 Feb 2019 05:07:44 -0800 (PST)
X-IronPort-AV: E=Sophos;i="5.58,347,1544482800"; d="scan'208";a="368580064"
Received: from wifi-pro-82-044.paris.inria.fr ([128.93.82.44]) by mail2-relais-roc.national.inria.fr with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 Feb 2019 14:07:39 +0100
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
From: Benjamin Beurdouche <benjamin.beurdouche@inria.fr>
In-Reply-To: <dac4e3a8-daae-5ff3-b2c5-1307b7c47a3c@datashrine.de>
Date: Fri, 08 Feb 2019 14:07:39 +0100
Cc: ML Messaging Layer Security <mls@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <3AEA12C9-60EE-4018-9339-34AA26E0402F@inria.fr>
References: <dc702cea-d780-216b-ab8e-1eba99a2bace@datashrine.de> <CAL02cgTdx7_=t9jfZj2iFULFK4x-RSL+J5LrqRN=3co1nSKS7A@mail.gmail.com> <DB120F33-B500-42F2-8117-8883B396B278@gmail.com> <7507c820-d574-a570-6aba-c469366cc9c5@datashrine.de> <CAL02cgSsoi5JiEpLf4PCP0MufS2qAJQugW7WOVFVkH0ffLURfA@mail.gmail.com> <321d21c2-22ab-def4-7014-8948eeaa0dea@datashrine.de> <1AF700AD-243F-4BDD-AC44-F57CAF115E80@inria.fr> <05a6578c-2cc9-5338-e5df-3f13b9eb216f@datashrine.de> <dac4e3a8-daae-5ff3-b2c5-1307b7c47a3c@datashrine.de>
To: Konrad Kohbrok <konrad.kohbrok@datashrine.de>
X-Mailer: Apple Mail (2.3445.102.3)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/F1AoTNLIBRd4dgxiBXXgNbBE7qQ>
Subject: Re: [MLS] KDF instead of hashing up the tree
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Feb 2019 13:07:48 -0000


> On Feb 8, 2019, at 1:17 PM, Konrad Kohbrok <konrad.kohbrok@datashrine.de> wrote:
> 
> Next question: Is it worth editing the RFC beyond the "Cryptographic Objects"
> headline? There is a lot of DH-specific stuff that seems to be somewhat outdated
> anyway if we aim for a KEM-agnostic design.
> 
> Konrad


Unclear, but I don’t think it is worth it. I am already handling most of theses changes
as part Issue #95 already.

Changes seems quite confined to the "Ratchet Tree Nodes” section otherwise.
Something useful would be, in this section, to change from Hash to KDF and replace
the mention of DH by a KEM as well. Mentions of hashing outside this section seem
related to the key schedule, so these do not need to be changed.

B.

v2.23.0 | Report a Bug | By Email