Re: [openpgp] OpenPGP SEIP downgrade attack
Watson Ladd <watsonbladd@gmail.com> Thu, 08 October 2015 16:24 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A471E1A9104 for <openpgp@ietfa.amsl.com>; Thu, 8 Oct 2015 09:24:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1RAaJTpuWFsT for <openpgp@ietfa.amsl.com>; Thu, 8 Oct 2015 09:24:00 -0700 (PDT)
Received: from mail-wi0-x233.google.com (mail-wi0-x233.google.com [IPv6:2a00:1450:400c:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB9051A9118 for <openpgp@ietf.org>; Thu, 8 Oct 2015 09:23:54 -0700 (PDT)
Received: by wicfx3 with SMTP id fx3so36128660wic.1 for <openpgp@ietf.org>; Thu, 08 Oct 2015 09:23:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=N/j0Mg6Xs/3oh1jZrU8pNvspZR6rnTSHVQXFxQZnHMQ=; b=bF6W5BN6UUYTQIRjt7VPtAtklOqiFiY9bn9fhCjrbba6yxHfhTEhqT4AGxVSZX+Yd9 /EC53HXO1d0QqAQeCXuYLJJ6tZprdmGfBR6sg6r13VG19Lv+GtczZFoX5ci3qsjjqfY7 fblO2AmUtXaUbR0hjcRnXkhf5mjt2TY/vbWZRkHfjrDzX23Tdv2u+NJnWUP1ekwzHszV NS/xRiaSPXmt9EjcYokPgEJhu3G3VEwIk5CBF+hQUf8QjRKHrd/AiPbSrqWbfwu5kAII +/sCzbtpfNZx7AD3OSZKxWEYZufUBOdc8LmUU5lhK9QIuMIWae6XMGN3NInPcv97/XeY qlEw==
MIME-Version: 1.0
X-Received: by 10.194.175.232 with SMTP id cd8mr9724307wjc.45.1444321433094; Thu, 08 Oct 2015 09:23:53 -0700 (PDT)
Received: by 10.28.51.145 with HTTP; Thu, 8 Oct 2015 09:23:52 -0700 (PDT)
Received: by 10.28.51.145 with HTTP; Thu, 8 Oct 2015 09:23:52 -0700 (PDT)
In-Reply-To: <877fmx1ghi.fsf@vigenere.g10code.de>
References: <56128436.40607@assured.se> <87y4fh4210.fsf@vigenere.g10code.de> <9A043F3CF02CD34C8E74AC1594475C73F4B28383@uxcn10-5.UoA.auckland.ac.nz> <87k2r04hak.fsf@vigenere.g10code.de> <9A043F3CF02CD34C8E74AC1594475C73F4B2C5B4@uxcn10-5.UoA.auckland.ac.nz> <87si5m1ncm.fsf@vigenere.g10code.de> <9A043F3CF02CD34C8E74AC1594475C73F4B2D532@uxcn10-5.UoA.auckland.ac.nz> <877fmx1ghi.fsf@vigenere.g10code.de>
Date: Thu, 08 Oct 2015 12:23:52 -0400
Message-ID: <CACsn0cnr3O3sqS2-zL0VDd1CKW0eZsp+ST-tG-sQd4SAf8zg_w@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: "cryptography@metzdowd.com" <cryptography@metzdowd.com>, "cfrg@mail.ietf.org" <cfrg@mail.ietf.org>, "openpgp@ietf.org" <openpgp@ietf.org>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, Jonas Magazinius <jonas.magazinius@assured.se>
Content-Type: multipart/alternative; boundary="089e013d1020f60e3a05219a496c"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/p6ADrMkbW0wCYQroT7jXW9IRjfs>
Subject: Re: [openpgp] OpenPGP SEIP downgrade attack
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Oct 2015 16:24:08 -0000
On Oct 8, 2015 12:21 PM, "Werner Koch" <wk@gnupg.org> wrote: > > On Thu, 8 Oct 2015 16:59, pgut001@cs.auckland.ac.nz said: > > > (It's also not clear whether someone encrypting a 10k email message with PGP > > is going to notice it being processed at 100MB/s or 150MB/s). > > I heard of backups somewhat larger than that. For mail it is anyway not a > problem - you sign and encrypt and you are done. Not even a need for an > MDC. Does this provide the right agreement semantics for both sender and recipient? It certainly doesn't solve the security issues with CFB mode. > > > (I actually really like OCB and don't like GCM much, but the patent situation > > makes it pretty problematic). > > Well, for the majority of uses cases there is a gratis license grant > from Phil Rogaway for his patents. > Further daft-zauner-tls-aes-ocb-03.txt states: > > 6. Intellectual Propery Rights Issues > > Historically OCB Mode has seen difficulty with deployment and > standardization because of pending patents and intellectual rights > claims on OCB itself. In preparation of this document all interested > parties have declared they will issue IPR statements exempting use of > OCB Mode in TLS from these claims. Specifically - OCB Mode as > described in this document for use in TLS - is based, and strongly > influenced, by earlier work from Charanjit Jutla on [IAPM]. > > At IETF-93 this case was mentioned and it was suggested to ask for a > similar licenses exception [1,2] if we consider to use OCB for OpenPGP. > > > Salam-Shalom, > > Werner > > > [1] https://datatracker.ietf.org/ipr/2647/ > [1] https://datatracker.ietf.org/ipr/2640/ > > -- > Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. > > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp
- [openpgp] OpenPGP SEIP downgrade attack Jonas Magazinius
- Re: [openpgp] OpenPGP SEIP downgrade attack Watson Ladd
- Re: [openpgp] OpenPGP SEIP downgrade attack Werner Koch
- Re: [openpgp] OpenPGP SEIP downgrade attack Neil Hunsperger
- Re: [openpgp] OpenPGP SEIP downgrade attack Peter Gutmann
- Re: [openpgp] OpenPGP SEIP downgrade attack Peter Gutmann
- Re: [openpgp] OpenPGP SEIP downgrade attack David Leon Gil
- Re: [openpgp] OpenPGP SEIP downgrade attack Werner Koch
- Re: [openpgp] OpenPGP SEIP downgrade attack Peter Gutmann
- Re: [openpgp] OpenPGP SEIP downgrade attack Werner Koch
- Re: [openpgp] OpenPGP SEIP downgrade attack Jon Callas
- Re: [openpgp] OpenPGP SEIP downgrade attack Peter Gutmann
- Re: [openpgp] OpenPGP SEIP downgrade attack Werner Koch
- Re: [openpgp] OpenPGP SEIP downgrade attack Watson Ladd