Re: [openpgp] lack of agenda items...

Aron Wussler <aron@wussler.it> Thu, 03 November 2022 08:32 UTC

Date: Thu, 03 Nov 2022 08:32:00 +0000
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
From: Aron Wussler <aron@wussler.it>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>
Message-ID: <zPFgkVQD9vD3X99PVOEYp0NHQ1n8hl8mNdLgokPv_O1V7p8y4jgM6jKz0GFIix97At_foVxj-pWdKf3h-KWzEWqFhTGLiCUgrYKzJ7zM2HQ=@wussler.it>
In-Reply-To: <c859b8da-5fd6-297b-f30b-39805e3e3cad@cs.tcd.ie>
References: <c859b8da-5fd6-297b-f30b-39805e3e3cad@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/5p4H8oOe2YoZo1Ec7SDRzWd-8XA>
Subject: Re: [openpgp] lack of agenda items...
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>

Hi all,

In v5 we added a 16-byte random salt prefixing the data when hashing for signatures: a great idea, because if it's unpredictable it can prevent collision attacks.

In SPHINCS+ this is done similarly in the construction, but the salt has a variable size, depending on the hash output size.

To make randomized hashing coherent with PQC signature schemes, I'd like to ask if

(1) it is possible to extend the field to 32 bytes to match other constructions,

or

(2) it is possible to bind the salt size to the hash function.

This would allow preserving all security features of SPHINCS+ in a future construction.

Cheers,
Aron


--
Aron Wussler
Sent with ProtonMail, OpenPGP key 0x7E6761563EFE3930



------- Original Message -------
On Wednesday, November 2nd, 2022 at 13:54, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:


> Hiya,
>
> So far we've had only one WGLC comment about draft-07.
> I'm seriously wondering if we need a f2f meeting next
> week if that remains the case. I realise it's v. late
> in the day to cancel, but f2f sessions should really
> only be used when needed and likely to be productive.
>
> Please let us know if you plan to post a review of the
> draft in the next week. If we have some of those we
> can I think have a useful meeting. If not, I think we
> ought to cancel. (Please feel free to disagree with
> that last assertion too though.)
>
> If we do cancel next week's slot, we'll extend the
> WGLC and organise a virtual interim meeting.
>
> Thanks,
> S.
>
> PS: The lack of agenda items is the reason for the
> lack of a posted agenda:-)
> _______________________________________________
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
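Added example, not part of Aron's mail or of any OpenPGP draft: a small Python sketch of the salted hash-and-sign input the mail discusses, with both salt-length policies the mail raises (a fixed 32-byte salt, and a salt length bound to the hash function) and the check a verifier must make on the received salt. The names (salted_digest, sign_hash, verify_hash, bound_salt_len), the half-digest-size binding rule, the truncated "toy" hash and the b"msg-N" messages are all assumptions constructed for this example. The last function shows in miniature why the salt has to be unpredictable: a collision pair precomputed by an attacker stops colliding once the signer prefixes a salt the attacker did not know.

```python
"""Salted ("randomized") hashing for hash-and-sign, as an added example.

A signer-chosen random salt is prefixed to the data before hashing; the
verifier recomputes the digest with the transmitted salt.  Two salt-length
policies mirror the two options in the mail: a fixed 32-byte salt, and a
salt whose length is bound to the hash function.  The half-digest-size
binding rule used here is an assumption made for this example only.
"""
import hashlib
import hmac
import secrets

FIXED_SALT_LEN = 32  # option (1): one salt length for every hash


def bound_salt_len(hash_name: str) -> int:
    """Option (2): derive the salt length from the hash output size.
    Assumption for this example: half the digest size (16 for SHA-256,
    32 for SHA-512)."""
    return hashlib.new(hash_name).digest_size // 2


def salt_len_for(hash_name: str, policy: str) -> int:
    if policy == "fixed32":
        return FIXED_SALT_LEN
    if policy == "bound":
        return bound_salt_len(hash_name)
    raise ValueError(f"unknown salt policy {policy!r}")


def salted_digest(hash_name: str, salt: bytes, data: bytes) -> bytes:
    """H(salt || data): the value that would be fed to the signature primitive."""
    h = hashlib.new(hash_name)
    h.update(salt)
    h.update(data)
    return h.digest()


def sign_hash(hash_name: str, data: bytes, policy: str = "bound"):
    """Signer side: draw a fresh, unpredictable salt and hash salt || data.
    The salt must travel with the signature so the verifier can recompute."""
    salt = secrets.token_bytes(salt_len_for(hash_name, policy))
    return salt, salted_digest(hash_name, salt, data)


def verify_hash(hash_name: str, salt: bytes, data: bytes,
                expected: bytes, policy: str = "bound") -> bool:
    """Verifier side.  The salt arrives from the (possibly hostile) signer, so
    its length is enforced before use; otherwise a forger may supply an
    arbitrary prefix and the salt adds nothing the attacker does not control."""
    if len(salt) != salt_len_for(hash_name, policy):
        return False
    return hmac.compare_digest(salted_digest(hash_name, salt, data), expected)


# --- Why the salt has to be unpredictable -----------------------------------
# A deliberately weak hash (SHA-256 truncated to a few bits) lets us find a
# collision by birthday search and then watch a signer-chosen salt break it.

def toy_hash(data: bytes, bits: int = 24) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)


def find_collision(bits: int = 24):
    """Birthday search over constructed messages b'msg-0', b'msg-1', ..."""
    seen = {}
    i = 0
    while True:
        m = b"msg-%d" % i
        d = toy_hash(m, bits)
        if d in seen:
            return seen[d], m
        seen[d] = m
        i += 1


def salt_breaks_precomputed_collision(bits: int = 24) -> bool:
    """An attacker precomputes m1 != m2 with toy_hash(m1) == toy_hash(m2),
    hoping a signature on m1 transfers to m2.  Once the signer prefixes a
    salt the attacker did not know, the pair no longer collides (except
    with probability about 2**-bits)."""
    m1, m2 = find_collision(bits)
    assert m1 != m2 and toy_hash(m1, bits) == toy_hash(m2, bits)
    salt = secrets.token_bytes(16)
    return toy_hash(salt + m1, bits) != toy_hash(salt + m2, bits)


if __name__ == "__main__":
    salt, digest = sign_hash("sha512", b"constructed message")
    print("salt bytes:", len(salt), "verify:",
          verify_hash("sha512", salt, b"constructed message", digest))
    print("salt defeats precomputed collision:",
          salt_breaks_precomputed_collision())
```

The length check in verify_hash is the practical point behind either option: whichever rule the spec picks, a verifier that accepts a salt of any length lets a forger choose the prefix, and the randomization then protects only against collisions the attacker did not already plan around.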