[openpgp] ECDH PKESK v5 change

Aron Wussler <aron@wussler.it> Tue, 20 December 2022 13:36 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/em4s5PL9GO7EUrigDbQdc8TOP9c>

Hi all,

In section 12.5 we change the encoded data in the encrypted part of the v5 ECDH PKESK, removing the symmetric algorithm ID.

1. Doesn't this effectively remove the binding between session key and PKESK?
I could reuse the same key packet for a different Sym. Encrypted Integrity Protected Data Packet encrypted with another algorithm.
Embedding this into the Param of the ECDH KDF could also be very tricky, as we would be mixing info from different packets.

I would be very happy to be wrong about this, if there is some other mechanism that embeds this binding.

2. Can we also drop the checksum? 

RFC 3394 already contains a 64-bit checksum, making this effectively a 10-octet checksum.

Cheers,
Aron


--
Aron Wussler
Sent with ProtonMail, OpenPGP key 0x7E6761563EFE3930
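
The two plaintext layouts discussed in the message above, as an added example that is not part of the original post or of any OpenPGP implementation: it builds the octets that would be handed to AES Key Wrap with and without the leading symmetric algorithm ID, and decodes them again. Assumptions: the key-wrap step itself is left out, the sample session key is constructed, and `algo_from_data_packet` is a hypothetical parameter standing for an algorithm ID obtained from outside the wrapped payload.

```python
# Added illustration (not from the thread): the octets that get AES-key-wrapped
# in an ECDH PKESK, in the v3 layout and in the v5 layout without the algorithm ID.
KEY_LEN = {7: 16, 8: 24, 9: 32, 11: 16, 12: 24, 13: 32}  # sym. algo ID -> key octets
AES128, AES256, CAMELLIA256 = 7, 9, 13
SESSION_KEY = bytes(range(32))  # constructed sample key, not a real one

def checksum(key: bytes) -> bytes:
    """OpenPGP 2-octet checksum: sum of the session key octets mod 65536."""
    return (sum(key) % 65536).to_bytes(2, "big")

def pad(m: bytes) -> bytes:
    """Pad to a multiple of 8 octets (PKCS#5 style), the key-wrap block size."""
    n = 8 - len(m) % 8
    return m + bytes([n]) * n

def unpad(m: bytes) -> bytes:
    n = m[-1] if m else 0
    if not 1 <= n <= 8 or len(m) % 8 or m[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    if len(m) - n < 3:
        raise ValueError("payload too short")
    return m[:-n]

def encode_v3(algo: int, key: bytes) -> bytes:
    return pad(bytes([algo]) + key + checksum(key))

def encode_v5(key: bytes) -> bytes:
    return pad(key + checksum(key))

def _check(algo: int, key: bytes, ck: bytes):
    if KEY_LEN.get(algo) != len(key) or checksum(key) != ck:
        raise ValueError("length or checksum mismatch")
    return algo, key

def decode_v3(m: bytes):
    """The algorithm ID is read from inside the (wrapped) payload."""
    body = unpad(m)
    return _check(body[0], body[1:-2], body[-2:])

def decode_v5(m: bytes, algo_from_data_packet: int):
    """The payload names no algorithm; the caller supplies it (assumption)."""
    body = unpad(m)
    return _check(algo_from_data_packet, body[:-2], body[-2:])

if __name__ == "__main__":
    print(decode_v3(encode_v3(AES256, SESSION_KEY))[0])     # fixed by the payload
    for algo in (AES256, CAMELLIA256):                      # same v5 payload both times
        print(decode_v5(encode_v5(SESSION_KEY), algo)[0])
```

In this sketch the v5 payload only constrains the algorithm through the session key length, so an ID with a different key size is still rejected.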