Re: [MMUSIC] 4572 update: forbid weak hashes?

Roman Shpount <roman@telurix.com> Thu, 07 April 2016 19:31 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/mmusic/2Jkv5Yn3Mq8OW03pDKxZvE8Vpeo>

On Thu, Apr 7, 2016 at 3:27 PM, Paul Kyzivat <pkyzivat@alum.mit.edu> wrote:

> On 4/7/16 3:08 PM, Roman Shpount wrote:
>
>> There is no reason to sort. This will not make hash check any more
>> secure. If a hash you consider secure is compromised you will just get
>> false positive slightly later. There is probably a reason to sort hashes
>> based on the amount of resources it will take for you to check them,
>> with easiest to check first in order to optimize the hash checking
>> process. This will likely sort the hashes weakest first.
>>
>
> If everybody did this, and the easiest to check one is compromised, and
> used by a MiTH to inject a bogus cert that matches that nobody might
> notice. Isn't that undesirable?
>

This is why you should discard hashes that you consider too weak. After you
have done this, since any single hash match is sufficient, it does not matter in
what order the hashes are checked. If the weak hash is present, the session
will be accepted.
_____________
Roman Shpount
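
The check discussed in this message, as an added example (not code from the thread or from any implementation it mentions): fingerprints whose hash function the endpoint considers too weak are discarded first, and any single match among the remaining ones accepts the certificate. The `ACCEPTABLE` set, the function names and the sample certificate bytes are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumed local policy (not from the thread): hash functions this endpoint
# still trusts, keyed by RFC 4572 hash-func token -> hashlib algorithm name.
ACCEPTABLE = {"sha-256": "sha256", "sha-384": "sha384", "sha-512": "sha512"}

# Constructed stand-ins for DER certificate bytes (not real certificates).
CERT = b"constructed stand-in for the peer's DER certificate"
OTHER = b"constructed stand-in for a different certificate"


def parse_fingerprints(sdp):
    """Return (hash_func, digest_bytes) for each a=fingerprint line."""
    found = []
    for line in sdp.splitlines():
        line = line.strip()
        if not line.lower().startswith("a=fingerprint:"):
            continue
        func, _, hexval = line.split(":", 1)[1].strip().partition(" ")
        try:
            digest = bytes.fromhex(hexval.strip().replace(":", ""))
        except ValueError:
            continue  # malformed digest: treat the attribute as absent
        found.append((func.lower(), digest))
    return found


def verify_certificate(cert_der, sdp):
    """Accept only if a fingerprint using an acceptable hash matches."""
    strong = [(f, d) for f, d in parse_fingerprints(sdp) if f in ACCEPTABLE]
    # Weak hashes are already gone, so checking order is irrelevant:
    # any single match among the remaining fingerprints is sufficient.
    return any(
        hmac.compare_digest(hashlib.new(ACCEPTABLE[f], cert_der).digest(), d)
        for f, d in strong
    )


def fingerprint_line(func, cert_der):
    """Build an a=fingerprint line; used only to construct sample input."""
    hexd = hashlib.new(func.replace("-", ""), cert_der).hexdigest().upper()
    pairs = ":".join(hexd[i:i + 2] for i in range(0, len(hexd), 2))
    return "a=fingerprint:%s %s" % (func, pairs)
```

With a description carrying a sha-1 fingerprint of `OTHER` and a sha-256 fingerprint of `CERT`, only `CERT` is accepted; a description carrying nothing but a sha-1 fingerprint is rejected even when that fingerprint matches.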