Re: [openpgp] OpenPGP encryption block modes

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 13 August 2022 10:33 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/vjE8_S2GGfMZnMV7IwB1cjPqgjQ>

brian m. carlson <sandals@crustytoothpaste.net> writes:

>To summarize, I don't think there is consensus in the working group for
>keeping OCFB-SHA-1 as the preferred encryption method

I should add to my earlier comment that I wasn't defending OCFB-MDC, which is
rather a kludge, particularly since HMAC had been around and widely used for
more than a decade at the time 4880 was published.  The CMS equivalent
Authenticated-Enveloped-Data, which came out at the same time as 4880, used
HMAC and not an MDC.  I was only pointing out that it's not as broken as raw
SHA-1.  In particular I'm not arguing for OCFB-MDC, I'm in support of OCB.

Peter.