Re: [openpgp] Disadvantages of Salted Signatures

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 11 December 2023 10:15 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE4D7C14F5E2 for <openpgp@ietfa.amsl.com>; Mon, 11 Dec 2023 02:15:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.009
X-Spam-Level:
X-Spam-Status: No, score=-7.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eG3ZgQYYINX3 for <openpgp@ietfa.amsl.com>; Mon, 11 Dec 2023 02:15:34 -0800 (PST)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on2118.outbound.protection.outlook.com [40.107.8.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFA3CC14E513 for <openpgp@ietf.org>; Mon, 11 Dec 2023 02:15:32 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XH2DoO5+ZYlo1InKq/h9zuo1XRt5BdYaeUGfHVHUmnzI1/pUlfDBUKVhOdcw8im3++qfUp7Nk+XhAyEHN1YY2lCR5MPoSlBd/g5MKrSacPhmZpHhTz2AkJRzMF8B4esxYeJUTTdh3Zo9bC3vTEuAWmIX+6NSNd9rPuMSL+efuJZHdg4eLm5tzNbnx+cGaCocL9+e/Dd6xLt5lqY2Cg3WJibX29hDrtuPZtwiL6E1tLDJcUtKMx0uQIaeLIrQ7t+j4L/x5zHrhVwmXAVwcVwCSNvoapMSvAg4i3ufIEVFVhQJzRPsuRV59/QDU6M1ZNRpvHLjefgysn9ewPt1KEPVqw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FK1cENaMYQjDKfZ3jzXhqWLZEni3P9otuqXBw6lcIrA=; b=e3XwdgATgJuO3LTaQIIGetol/2huvf2/E3dqb94SrSDNZJm/Uhx35bzvcRgrg5C97fK6Zw3G9eqlkb3/Lz/h8XYvXNjxLMlpeVrdMjR4/Axy79Mp6zxPX0qDMbsCTgqqV06a7BL+pGwFQ7TpRGjFdq2YmVvdSn3f9grtldChLjTfaTGqPPQXPGsV8OF02rBraa29AX/WUkCBgWqjPZPFBEvDavWAk/YukCZDtZG7NeLUYopLgIKxpCP6lJRtRJUn8bbC+BBhwn+4+Dvp7DtpilT6G4a3H+gosOClII53yqOfNX4ZfTfxNUTVuXRdZ7GLE6KF9Qv7dcvgyO/HNuPpUg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FK1cENaMYQjDKfZ3jzXhqWLZEni3P9otuqXBw6lcIrA=; b=pCTNss7qrYk6B+LKUbMLa3HUY5LIzZTIO8wYLOVPIq1jWtFqqnRQGBQvQ7BgF5271LKa0QFmWiMKB6eXGTM7BwEF9UJbRf4Kql+Kh6yPqFbNuZgd71XU7fTY0ZXEcrXRbO/Qw+WRviBjkkarLKOV3hZqR4q81zJGPTUaHPh0VGz0GNh0s7l9ntbeCXuSAi3YzCLaHQr5mN1a0CTbV1cXHtyH4EoP0U9r5QoE/kOCAsyGir0CrqcmX+xv3QtUyEJ0fj5Jr0dflkIbO8IcIGk9IZ1XLMYNmBc+IqVoDuJybEwUbfwX8GQo5woMlc3VIt2F1LxTzcWH+T42+4U2acB73w==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DU0PR02MB8831.eurprd02.prod.outlook.com (2603:10a6:10:410::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7068.32; Mon, 11 Dec 2023 10:15:28 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::d7cb:f7b5:ad53:c139]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::d7cb:f7b5:ad53:c139%5]) with mapi id 15.20.7068.031; Mon, 11 Dec 2023 10:15:28 +0000
Message-ID: <f462cabd-697f-4e64-baba-4bd8cd2674f4@cs.tcd.ie>
Date: Mon, 11 Dec 2023 10:15:24 +0000
User-Agent: Mozilla Thunderbird
To: Stephan Verbücheln <verbuecheln@posteo.de>, openpgp@ietf.org
References: <077dd27cef0c7d3968967fc4c3a880081b8bd9dd.camel@posteo.de> <8b5f251f-ae52-4937-9500-ddedb9fbef73@cs.tcd.ie> <709995498037ba59fb1a14d75ffa819702566d83.camel@posteo.de> <df7f0b41-f998-4f0e-b07e-67231031e54b@cs.tcd.ie> <a38abd9349683c1c0762daa8b203bc8578fc4853.camel@posteo.de>
Content-Language: en-US
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <a38abd9349683c1c0762daa8b203bc8578fc4853.camel@posteo.de>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------N59RcPgmQ0dXKdN8jKMWGnni"
X-ClientProxiedBy: DU2PR04CA0292.eurprd04.prod.outlook.com (2603:10a6:10:28c::27) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB7PR02MB5113:EE_|DU0PR02MB8831:EE_
X-MS-Office365-Filtering-Correlation-Id: 493e8f8f-8e84-4d97-0686-08dbfa32184e
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: e5GW1J6Jzk5bmp5WzwVu/AQG9Ie5IA8vSI0EguGOYYniQIoH9pLi4Mr4qrjnLiqM1O71efdTEZ6UP67Abf5/yZqA42zqHrzc469vU3sONzcFv8AgJQdUAHbUgpKe/4j/3H4ILqkuCxmewOgPWy9xKPRPbVJp2XoEZGFoeVuhli+XCBRl4dk/cp3KdBMa62rJ1mtvGtJk92Va0kHPfbs4BVgfsn5Xk9265yNPxkQ6KStZXI7gycSkcqVX47druLVxwTNaL8PkSqBeXRh0lfEmxaXQ4ekelUYKv6IYG/huGGPE0cMYIoAfbTEzsQyZTWm1ZfET+yowU/fZOmlo5fsyROip0ZGsc9I0PezlZkwkSK8UTVhyipGz/LhcCYr3PSfrvg3YXKp+n5v326AXRvhaueo+Aa8wVMHi9xXbyiDgayIoQ2mpOlE1cFtzBjgdygJSZDiGX/onQiLuZp9XpHzofCwSjIOVQDkjce33S83+e+Yvgj9oXWz0he4/ZuHoMJPj4uNPQEM2k88qYqqYngivWStERytVx8uBlEstrTKLrAgS3yxefw+gHROz3d0IW3uKOH5UNH3HNMrG5Kse9yS4Vi4QdcdoNtQo2ILJ9F3YRNF6s/Uj5XiIrb9xNLTmyvgmjiZkx2AyEviKBg100QNrMw==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(346002)(366004)(376002)(396003)(39860400002)(136003)(230922051799003)(186009)(451199024)(1800799012)(64100799003)(31686004)(21480400003)(2616005)(38100700002)(86362001)(31696002)(36756003)(316002)(83380400001)(44832011)(5660300002)(235185007)(53546011)(6512007)(6666004)(6506007)(33964004)(66556008)(66946007)(6486002)(8936002)(8676002)(786003)(66476007)(2906002)(41300700001)(478600001)(43740500002)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: gxAtVzidpSADnolPy9/0FW28y0NCJKuWuV4h0720Nri+IhSX4AnY+9DB9fqe6yTsxqA55z5LqY9ceDoeJJhz+El6CCVsMf3nfKRly0iB+Ea8GxBszFj/TGA+T1Fg1CZXd7dGwR2AE0PGCzA/qf1wFmWIpirv1arYAQPoFjMndlzVuMFu107th8syYnCjAHQYNHrgTM1VqiDNVvzlPeainHdbg6uh2dD6jEYLnjgBe/M/LkVmF0liawz7dvKVI3goAV1FORo1gByDcB37rnV1GHOa+eOY7zFXAGvG9HPYzfw3Uj/YRXMzBaHat1cFl5vxEvkaN0efhCFWzVUK9aKil0Vk9cPZAusDcXgBjUjIwCnIR2rb93MaFksZBk9G4PElmasIghdX+G1TuOUnCLCFeAE8Tj1VYycEyuHNKaOsbcFo6fUXLal0eqCemohrcOb8FDTRHvH0OEzapU/8im52EOaZnLSF7Ccp1s2tp0ocNbEmFNvYnxC2V3nVY13Lir0Y/HIFeDbv1QygeOiV41mE//wkjSOHKY42l1lZHayW9W3vDdErSlj5ZFjgazveJohDzDOkwoKv/EWGoPHYEn5IAo/xTmbnQnuyTmIkBO7PDIJ4jqm76rjNnHzu53WEyhVwFLcWLWStQeawA4NNhmYY6t60wU/jiMDwiFeXdL2qTrTLG7jClOh2pLYAL3lzw82/JHbFF9kkJhgZuL7meqBZs8zwnmFGE4aDZmjlLH6HuWKrRz8K3JyToXa/HVzWbZFvBC+MAFZRRkQVL0oqdydNF+gXl4p75YB1Hsm8RLKRseEH/dtTtQTX0K9fsydl60eGiV8Vto+YDpu4BG+dPH0V4f6/NkW4Xc/r1azPVfgZ96XIuV/+valYhbkPS4Nmg+9IE8Homnx8AXOkte51QSQpkoJPDDgsrIxq9WGJOC2Pit9PCx9SXWQHc+y9tqlYGnZBGqGkrcnW4bL8MG19AzEIUJYCVlZy4Hn5oF/MV6rVUDCN4EwCj8dybiuBNmh2M7+306uxO64zIo98BbM+YG07uPBCYbXsRQQH9/UoCUf6W6d4Go7xfctB5v9rkSBuM8Xmjs9km/+Egl7w5QXkOSZwYnEokxGMCkA6oCRzHbk8QzFTq93JyRlxQARe4N2qFG45ViM6/JdHbIOReckQqUGIBmadT/6BO774kdibj2BhjqGfXxsvjzyFNoOl7flnTDsWS6srWKqchYcay7AHjPf6g2VQ7DrDtbF7nYnwfadkpTdDuZhpMD50VM0UqavfTh7SJf0C6PnP5OpsbWV/De4QkOP40RZgvDeNFpVcs3tm5OyNJ6M0g5q8J6740VPwrTzHdu57BiXU/oWgemWJzaZCT2dSta5IRn7s8K4CD4nNzM3wse2YXjiV5l072eItPtXUg3Och8CEGBfRQXFgaMx4BXWMaziCmnJg+22mFYcO3olC72W/hY4hNgXdcHWPA8bwINoZmoFr+BTheV5AqSGW8nIbac3j9a7EqjbC1oXx2DtN+NaSJXk7HDscatwirEv6ibrQrTbDYbk8jmz89aBGk3cVs/+W6kV1DZ1OdzCMHocnIBO8vhT4kXE+ZrPWTTXwjbOkVnSl+FwZCB+Df8g/4s12uTFBCOAhshxeBdd2IVvQGZy+PqpcjGmR23uAp3vr
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 493e8f8f-8e84-4d97-0686-08dbfa32184e
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Dec 2023 10:15:28.2017 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: IYeqa5WgnVwadVIeZAXB/+ss2GfYse2EEIN6E9lV4eb2oOGrHrCO3NNHzO5ugSnV
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU0PR02MB8831
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Ul7kEApheJ3gvxwGtG056ttWy24>
Subject: Re: [openpgp] Disadvantages of Salted Signatures
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Dec 2023 10:15:38 -0000

Hiya,

On 11/12/2023 07:37, Stephan Verbücheln wrote:
> This change appears to be proposed ...

Just as a level-set: The crypto-refresh draft has been through
working group and IETF last call. The bar for changes at this
point is, and should be, and will remain, very very high. We
will almost certainly end up making some changes due to IESG
review which is our next step, but, barring that or discovery
of some show-stopper, the document is not now open for changes.

Thus far, while there are validly different opinions on salting
signatures or not, and it remains a useful discussion to further
elaborate the relevant threat models that apply for pgp, I do
not see a show-stopper problem.

I'd therefore ask that we cast this discussion as being about the
general topic, and *not* consider it as opportunity to suggest
changes to crypto-refresh. We've already done literally *years*
of work on getting that document to this stage so it won't be
re-opened other than as mentioned above.

I'd also hope that keeping the discussion general might help avoid
angst, which is usually a good plan:-)

Cheers,
S.