Re: [openpgp] v5 in the crypto-refresh draft

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 05 June 2021 12:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/a8bcbF21DcK7eg_qdV2QkJTgcVM>

Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:

>Specific v5 changes

Another thing I'd like to see changed in v5 is the incredibly annoying way
OpenPGP handles its PRF.  For every PRF use on the planet except OpenPGP, you
specify the number of iterations of the PRF to be applied.  For OpenPGP you
specify the number of bytes to output and then have to work backwards through
the PRF to figure out how many iterations this amounts to.  Making things even
worse, the count is encoded in a weirdo fixed-point format that can't be
passed as an integer count parameter to anything because it's not, or
alternatively that if passed as an integer has to then be converted back into
its oddball fixed-point format when written.  So:

  Replace the S2K 'count' value with a 32-bit integer specifying the number of
  PRF iterations to apply.

Peter.
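
The count handling discussed in the message above, as an added example that is not part of the original message or of any OpenPGP implementation. It uses the coded-count formula from RFC 4880 section 3.7.1.3 for the existing iterated and salted S2K; the function names are hypothetical.

```python
from __future__ import annotations

# Added illustration: function names are hypothetical, not a library API.
EXPBIAS = 6  # constant from RFC 4880 section 3.7.1.3


def decode_count(c: int) -> int:
    """Expand the one-octet coded count into the number of octets to hash."""
    if not 0 <= c <= 0xFF:
        raise ValueError("coded count must fit in one octet")
    # Low nibble is a 4-bit mantissa (implicit leading 1), high nibble an exponent.
    return (16 + (c & 15)) << ((c >> 4) + EXPBIAS)


def encode_count(octets: int) -> int:
    """Return the smallest coded octet whose decoded value is >= octets.

    decode_count() is strictly increasing in c, so a linear scan suffices.
    Most integers are not representable and get rounded up.
    """
    for c in range(256):
        if decode_count(c) >= octets:
            return c
    raise ValueError("octet count exceeds the largest encodable value")


def salted_passes(c: int, salt_len: int, passphrase_len: int) -> tuple[int, int]:
    """Work backwards from the octet count to what is actually hashed.

    Returns (full passes over salt||passphrase, leftover octets of a final
    partial pass). The count is in octets, so the number of passes depends
    on the passphrase length.
    """
    unit = salt_len + passphrase_len
    # RFC 4880: salt||passphrase is always hashed in full at least once,
    # even when the decoded count is smaller than its length.
    total = max(decode_count(c), unit)
    return divmod(total, unit)


if __name__ == "__main__":
    # Constructed inputs: 8-octet salt, 12-octet passphrase, coded count 0x60.
    print(decode_count(0x60), salted_passes(0x60, 8, 12))
    c = encode_count(100000)
    print(hex(c), decode_count(c))  # the requested integer does not survive
```
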