Re: [openpgp] SHA3 algorithm ids.

Werner Koch <wk@gnupg.org> Tue, 11 August 2015 16:10 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F31001AC40C for <openpgp@ietfa.amsl.com>; Tue, 11 Aug 2015 09:10:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oqyvX3XvfUCx for <openpgp@ietfa.amsl.com>; Tue, 11 Aug 2015 09:10:33 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E30951AC405 for <openpgp@ietf.org>; Tue, 11 Aug 2015 09:10:32 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1ZPC8F-000231-9y for <openpgp@ietf.org>; Tue, 11 Aug 2015 18:10:31 +0200
Received: from wk by vigenere.g10code.de with local (Exim 4.84 #3 (Debian)) id 1ZPC5y-0002DP-RK; Tue, 11 Aug 2015 18:08:10 +0200
From: Werner Koch <wk@gnupg.org>
To: ianG <iang@iang.org>
References: <87y4hmi19i.fsf@vigenere.g10code.de> <7540C7A9-2830-4A63-8310-B684796DA279@nohats.ca> <55C681FC.9010100@iang.org> <sjma8tztbgo.fsf@securerf.ihtfp.org> <CAMm+Lwj7SxXTn+KD-eQSeZHwJB36tCgD1t0bodVsp3ovOaZ8mw@mail.gmail.com> <87si7qf84a.fsf@vigenere.g10code.de> <55C9EAA2.8040500@iang.org>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: id=F2AD85AC1E42B367; url=finger:wk@g10code.com
Mail-Followup-To: ianG <iang@iang.org>, openpgp@ietf.org
Date: Tue, 11 Aug 2015 18:08:10 +0200
In-Reply-To: <55C9EAA2.8040500@iang.org> (iang@iang.org's message of "Tue, 11 Aug 2015 13:29:22 +0100")
Message-ID: <87wpx1erkl.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/JrrdnCVaS4yO_qqcIJZdZBCU8fE>
Cc: openpgp@ietf.org
Subject: Re: [openpgp] SHA3 algorithm ids.
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 16:10:38 -0000

On Tue, 11 Aug 2015 14:29, iang@iang.org said:

>   * to choose which SHA3 we're going for.  This not only means
> addressing the additionals (like the 4 lengths) but also resolving the
> uncertainty (perhaps in my mind only) about SHAKES.

I don't think so.  Let's assume that 4880bis specifies SHA-256 as the
replacement for SHA throughout the protocol.  Then it would be pretty
clear that SHA3-256 can be used if surprisingly a Chinese researcher
finds weaknesses in SHA2.

>   * to build a more comprehensive alg-failure recovery strategy.  By
> this I mean, more than handwaving at SHA3 as a potential drop in;
> making it the actual drop in with a process by which we trigger that

We already have this.  The preference systems greatly helped with the
migration from SHA-1 to SHA-256 et al.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.