Re: [openpgp] Version 5 key and fingerprint proposal

"HANSEN, TONY L" <tony@att.com> Thu, 16 March 2017 17:37 UTC

From: "HANSEN, TONY L" <tony@att.com>
To: IETF OpenPGP <openpgp@ietf.org>
Date: Thu, 16 Mar 2017 17:25:38 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/e84CUZCS6EqURdwzzxGm0ouztZQ>

(This is probably old info for some of you.)

From my analysis, the difference in speed between sha2-256 and sha2-512 is directly because of the use of 32-bit arithmetic vs 64-bit arithmetic. The algorithms are essentially identical, not counting the underlying constants. On machines where 64-bit arithmetic is faster than 32-bit arithmetic, sha2-512 will be faster than sha2-256. On machines where 32-bit arithmetic is faster than 64-bit arithmetic, sha2-256 will be faster than sha2-512. On 8-bit or 16-bit machines, you’re going to be emulating either 32-bit arithmetic or emulating 64-bit arithmetic; usually the 32-bit arithmetic will be faster.  :-)

On another note, for Werner Koch: are you talking about truncating the value from sha2-512(x) down to 200 bits, or using the FIPS 180-4 truncated sha2-512/t(x,t) algorithm? There is a definite difference between the two. FIPS 180-4 defines differing underlying vectors for different lengths of t (the truncation value).

Note that FIPS 180-4 defines the function for all positive values of t < 512, but only >approves< its use for 224 and 256. This might be an argument for using 224 instead of 200.

- Tony Hansen

On 3/16/17, 11:25 AM, "openpgp on behalf of Derek Atkins" <openpgp-bounces@ietf.org on behalf of derek@ihtfp.com> wrote:

    Werner Koch <wk@gnupg.org> writes:
    
    > On Tue, 14 Mar 2017 11:17, wk@gnupg.org said:
    >
    >> What do others think:
    >>
    >>  - Use SHA-256 and truncated to 200 bits
    >>  - Use SHA-512 and truncated to 200 bits
    >>  - Anything else
    >
    > No opinions?
    
    Considering these days I work with very small systems, I'm in favor of
    SHA2-256 because in my environments it's much faster.  Even if SHA2-512
    is faster on larger systems, the clock-wall time still gives SHA2-256
    the advantage when you compare 256 vs 512 on a 16MHz 16-bit platform
    versus a 32/64-bit 2GHz platform.
    
    I.e., it doesn't bother me if SHA2-256 is a fraction of a millisecond
    slower on a large system, but it's tens or hundreds of milliseconds
    faster on the constrained device.
    
    Thanks,
    
    > Shalom-Salam,
    >
    >    Werner
    
    -derek
    
    -- 
           Derek Atkins                 617-623-3745
           derek@ihtfp.com             www.ihtfp.com
           Computer and Internet Security Consultant
    