Re: [Ntp] Antw: [EXT] Re: Post NTS, Is shared key authentication interesting?

Daniel Franke <dfoxfranke@gmail.com> Wed, 27 May 2020 13:51 UTC

On Wed, May 27, 2020 at 9:46 AM Harlan Stenn <stenn@nwtime.org> wrote:

> I think one could easily implement a bad system where this would be a
> problem.
>
> In the normal use-case and with a "normal" implementation, I'm not
> seeing how this can be a problem.  I'm open to seeing that I'm missing
> something, however.
>

Rich is correct that error oracles and timing oracles are a big, scary
problem in a lot of crypto protocols, and you're correct that in the
particular context we're discussing, there's nothing to worry about.