IETF Logo Mail Archive

Re: [openpgp] Intent to deprecate: Insecure primitives

vedaal@nym.hush.com Mon, 16 March 2015 17:18 UTC

Return-Path: <vedaal@nym.hush.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FC3E1A88F4 for <openpgp@ietfa.amsl.com>; Mon, 16 Mar 2015 10:18:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.602
X-Spam-Level:
X-Spam-Status: No, score=-2.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2tAz6viAu-wx for <openpgp@ietfa.amsl.com>; Mon, 16 Mar 2015 10:18:34 -0700 (PDT)
Received: from smtp10.hushmail.com (smtp10.hushmail.com [65.39.178.143]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21C6E1A88EE for <openpgp@ietf.org>; Mon, 16 Mar 2015 10:18:34 -0700 (PDT)
Received: from smtp10.hushmail.com (localhost [127.0.0.1]) by smtp10.hushmail.com (Postfix) with SMTP id C1F08C0207 for <openpgp@ietf.org>; Mon, 16 Mar 2015 17:18:33 +0000 (UTC)
X-hush-tls-connected: 1
Received: from smtp.hushmail.com (w2.hushmail.com [65.39.178.46]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp10.hushmail.com (Postfix) with ESMTPS for <openpgp@ietf.org>; Mon, 16 Mar 2015 17:18:32 +0000 (UTC)
Received: by smtp.hushmail.com (Postfix, from userid 99) id D0C81E0451; Mon, 16 Mar 2015 17:18:32 +0000 (UTC)
MIME-Version: 1.0
Date: Mon, 16 Mar 2015 13:18:32 -0400
To: openpgp@ietf.org
From: vedaal@nym.hush.com
In-Reply-To: <87sid5si30.fsf@alice.fifthhorseman.net>
References: <CAA7UWsWBoXpZ2q=Lv151R593v3u=SPNif39ySX_-8=fqMniiVg@mail.gmail.com> <87sid5si30.fsf@alice.fifthhorseman.net>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20150316171832.D0C81E0451@smtp.hushmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/bMWbhYUO-YQbc3yIH6mmwJeslaM>
Subject: Re: [openpgp] Intent to deprecate: Insecure primitives
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Mar 2015 17:18:35 -0000

On 3/15/2015 at 11:56 PM, "Daniel Kahn Gillmor" <dkg@fifthhorseman.net> wrote:

>> Yahoo has deprecated, and intends to disable support for all 
>uses, of
>> the following primitives and packet types specified for use with
>> OpenPGP v4:
>>
>> - Symmetric cipher algorithms: IDEA, TDES, CAST5, Blowfish, 
>Twofish

-----

All previous OpenPGP have had a MUST implement for 3DES.
Is there any advantage in using only block 64 symmetric encryption primitives, to do away with 3 DES, IDEA and CAST 5?

In general, won't removing these primitives make it difficult to decrypt past correspondences where people have used these primitives?
(The default for symmmetrically encrypted GnuPG messages has been CAST5 for a long time in the past, -i.e. many many encrypted messages ...)


vedaal

v2.23.0 | Report a Bug | By Email