IETF Logo Mail Archive

Re: [OPSEC] minutes part 2

"Vishwas Manral" <vishwas.ietf@gmail.com> Tue, 23 December 2008 18:21 UTC

Return-Path: <opsec-bounces@ietf.org>
X-Original-To: opsec-archive@optimus.ietf.org
Delivered-To: ietfarch-opsec-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1AF003A67A1; Tue, 23 Dec 2008 10:21:31 -0800 (PST)
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9AEDF3A67A1 for <opsec@core3.amsl.com>; Tue, 23 Dec 2008 10:21:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z7c4DLLTN7TC for <opsec@core3.amsl.com>; Tue, 23 Dec 2008 10:21:28 -0800 (PST)
Received: from mail-bw0-f21.google.com (mail-bw0-f21.google.com [209.85.218.21]) by core3.amsl.com (Postfix) with ESMTP id 2F7923A6452 for <opsec@ietf.org>; Tue, 23 Dec 2008 10:21:28 -0800 (PST)
Received: by bwz14 with SMTP id 14so10306262bwz.13 for <opsec@ietf.org>; Tue, 23 Dec 2008 10:21:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=clqOA3vIbFVyC64QRgtr2bUsku3kLICx7LbmN7KlqV4=; b=n+0Oocmz14ofnerPHEZO1zlJrit0s5sF5GLXFyAqM7Kmh82non0iEDJhS+5c1DBEks 2o6mG+zGiOC+zgafMBhITgNFQs06e5Fuv4bJ9xR0C6bIVETF3xulIZadObsSDPRBEj+m rCtVQL+gmTrC+9+MzFgweHJAZjq2yceHJEOIo=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=YVpw0PWgs9urYCgt5VTs22rSne8G7PEi0A8OmWlKv8Az08PYeU897vTnqqaxP0+F8w EChrnrxJh/qB52rvsUSBbWppiOfTlxvUc7jnTHAt1Vn1P/8DYs186wigSm8yUcEnmYv1 JJILfjLvPQ/ypQehNOuVkqk5olSoFlBSx4SiA=
Received: by 10.181.37.6 with SMTP id p6mr347026bkj.29.1230056477491; Tue, 23 Dec 2008 10:21:17 -0800 (PST)
Received: by 10.180.209.3 with HTTP; Tue, 23 Dec 2008 10:21:17 -0800 (PST)
Message-ID: <77ead0ec0812231021g2a9b84a5q70533d5e0d74f7b4@mail.gmail.com>
Date: Tue, 23 Dec 2008 10:21:17 -0800
From: Vishwas Manral <vishwas.ietf@gmail.com>
To: R Atkinson <ran.atkinson@gmail.com>
In-Reply-To: <1D5F3F5F-4357-4E25-BEDE-35300949EDB8@gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
References: <EC3F7E1D-F7C8-484A-A0C0-1A25E79AD86E@extremenetworks.com> <77ead0ec0812160927j77bf42c6mbccef8ccf55d1e16@mail.gmail.com> <90F75653-21D6-4D2B-9472-52F2BDF7510D@gmail.com> <77ead0ec0812161118l3ca37732m541deb4c716a8f42@mail.gmail.com> <0C823E84-78EE-4234-9AD8-20688B0F8F55@gmail.com> <77ead0ec0812161616r5cc782c5j69415f75d4aa82bb@mail.gmail.com> <7EBC9C5C-EDF9-4CDD-8E1B-B9D05656ACAA@gmail.com> <494D48B6.9090302@bogus.com> <77ead0ec0812222113m28f91093ke6512a5d7a287b0c@mail.gmail.com> <1D5F3F5F-4357-4E25-BEDE-35300949EDB8@gmail.com>
Cc: opsec@ietf.org
Subject: Re: [OPSEC] minutes part 2
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: opsec-bounces@ietf.org
Errors-To: opsec-bounces@ietf.org

Hi Ran,

One more interesting thing I noticed was that we are reccomending
HMAC-SHA-1 over Keyed-MD5 for OSPF and RIP do you agree to this part?

Thanks,
Vishwas
=====================================================

   For OSPF implementations to interoperate, they must support one or
   more authentication algorithms in common that can be used in the
   cryptographic scheme of authentication.

   This section details the authentication algorithm requirements for
   standards conformant OSPF implementations.

   Old   Old         New
   Req.  RFC         Requirement  Authentication Algorithm
   ---   ------      -----------  ------------------------
   MUST  2328        MUST-        Keyed MD5
    -     -          SHOULD+      HMAC-SHA-1 [OSPF-HMAC]
    -     -          MAY+         HMAC-SHA-256/HMAC-SHA-384/HMAC-SHA-512


On Tue, Dec 23, 2008 at 7:44 AM, R Atkinson <ran.atkinson@gmail.com> wrote:
> Folks,
>
> Of course, NIST's approved algorithms list only contains
> NIST algorithms  This ought not be surprising.
>
> Of course, non-NIST algorithms aren't on NIST's lists.
> That is a tautology.
>
> There is no news here.
>
> It is all entirely consistent with my prior statements.  There
> are some organisations that *for policy reasons* prefer to use
> certain algorithms or algorithm families.
>
> A choice made to comply with (local or national) organisational
> policy is quite different from a claim that scientific
> evidence exists that one algorithm is better than some
> other algorithm (when evaluated in the context of a
> particular cryptographic mode -- comparing apples to apples).
>
> As the IETF is an international, global organisation,
> the IETF has so far declined to use *local or national
> policy* as the basis to endorse or reject any particular
> algorithm.  This seems only proper as the IETF ought not
> prefer US policy over another country's policy in its
> decision making.  This principle of using global scope for
> the IETF standards processes lies behind [RFC-1984].
>
> Given the relatively recent information indicating "serious
> attacks" on SHA (the quote is from NIST [1]), including an
> acknowledged attack on SHA-1 [2], previous beliefs that SHA
> might be stronger are no longer supported by the science at hand.
> MD5 is also subject to "serious attacks" that have been published.
> So the data available says that both SHA and MD5 have cause
> for serious concern.
>
> Now, maybe someone has recently published some scientific,
> peer-reviewed, paper that compares MD5 and SHA (in the mode
> used by the IGPs for authentication).  If such exists, a pointer
> to that paper would be helpful to everyone in the OPsec WG.
> Absent such a paper, the only *scientific* conclusion is that
> (1) there is cause for concern about both SHA and MD5 and
> (2) there is not enough data at the present time to prefer
> either of those algorithms over the other algorithm.
>
> A practical step might be for some folks (not including me !)
> to add some additional MAC algorithms to the set available
> for IGP authentication, to provide more choices to implementers.
> Apparently specifications for an AES-CBC MAC and a "Counter
> with CBC-MAC" have been created in recent years. [RFC-3566]
> [RFC-3610]  (NOTE WELL:  I haven't done a literature search
> on either of those, so I'm not recommending either one; instead,
> I am only noting that the universe is not limited to SHA or MD5,
> and providing some examples of other options by way of an
> existence proof.)
>
> Cheers,
>
> Ran
> rja@extremenetworks.com
>
> PS:  The set of "First Round Candidates" to replace
> the existing SHA standards are listed at reference [3] below.
>
> [1]<http://csrc.nist.gov/groups/ST/hash/index.html>
> [2]<http://csrc.nist.gov/groups/ST/toolkit/documents/shs/NISTHashComments-final.pdf>
> [3]<http://csrc.nist.gov/groups/ST/hash/sha-3/Round1/submissions_rnd1.html>
> _______________________________________________
> OPSEC mailing list
> OPSEC@ietf.org
> https://www.ietf.org/mailman/listinfo/opsec
>
_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec

v2.23.0 | Report a Bug | By Email