Re: [openpgp] Default preferences for the future

"Mark D. Baushke" <mdb@juniper.net> Tue, 21 March 2017 15:55 UTC

Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.18 as permitted sender)
To: "HANSEN, TONY L" <tony@att.com>
CC: "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <56ED3B74-0BA4-4DC2-943E-B1CCD1F32AE2@att.com>
References: <3b89c96a-0bb6-cd09-cbf7-1f9e26f04bd6@addere.ch> <52027.1490051694@eng-mail01.juniper.net> <56ED3B74-0BA4-4DC2-943E-B1CCD1F32AE2@att.com>
Comments: In-reply-to: "HANSEN, TONY L" <tony@att.com> message dated "Tue, 21 Mar 2017 14:06:45 -0000."
From: "Mark D. Baushke" <mdb@juniper.net>
Date: Tue, 21 Mar 2017 08:55:02 -0700
Message-ID: <11858.1490111702@eng-mail01.juniper.net>
Sender: mdb@juniper.net
MIME-Version: 1.0
Content-Type: text/plain
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Mar 2017 15:55:50.3463 (UTC)
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.18]; Helo=[p-emfe01a-sac.jnpr.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR05MB317
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/ZIhFm0wPr3fFLtWW1GehJx0yeiU>
Subject: Re: [openpgp] Default preferences for the future
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2017 15:55:57 -0000

HANSEN, TONY L <tony@att.com> writes:

> FIPS 180-4 also defines SHA2-512/224 and SHA2-512/256. Should they be
> added to the table?

SHA2-512/224 protects roughly 112 bits of security, so it would be fine
for TripleDES, but not much else. I would say it is not needed.

SHA2-512/256 works great on a 64-bit machine, but is a lot slower than
SHA2-256 on a 32-bit machine and protects 128 bits of security. I don't
really care if it gets used or not. I am guessing that 8-bit and 16-bit
implementations will care a lot more.

FIPS 202 also defines four cryptographic hash functions (SHA-3) and two
extensible-output functions (XOFs) called SHAKE128 and SHAKE256. All of
the SHA-3 family of hashes are very slow in software, but could be
effectively implemented in hardware. The one thing we know as a result
of the SHA-3 bake-off is that SHA-2 is a lot stronger than we thought
and we do not yet really need SHA-3. That said, if you want to add
agility to OpenPGP, you could define SHA3-256 and SHA3-512 code points.
I see little point in any of the other alternatives.

	-- Mark

[openpgp] Default preferences for the future Ryru
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future HANSEN, TONY L
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future Robert J. Hansen
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch
Re: [openpgp] Default preferences for the future Mark D. Baushke
Re: [openpgp] Default preferences for the future Werner Koch