IETF Logo Mail Archive

Re: [OPSEC] minutes part 2

"Vishwas Manral" <vishwas.ietf@gmail.com> Mon, 29 December 2008 22:01 UTC

Return-Path: <opsec-bounces@ietf.org>
X-Original-To: opsec-archive@optimus.ietf.org
Delivered-To: ietfarch-opsec-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1B3DA3A677C; Mon, 29 Dec 2008 14:01:06 -0800 (PST)
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2CE333A677C for <opsec@core3.amsl.com>; Mon, 29 Dec 2008 14:01:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IMFgfMEoHp1H for <opsec@core3.amsl.com>; Mon, 29 Dec 2008 14:01:04 -0800 (PST)
Received: from mail-bw0-f21.google.com (mail-bw0-f21.google.com [209.85.218.21]) by core3.amsl.com (Postfix) with ESMTP id A778D3A6452 for <opsec@ietf.org>; Mon, 29 Dec 2008 14:01:03 -0800 (PST)
Received: by bwz14 with SMTP id 14so16699320bwz.13 for <opsec@ietf.org>; Mon, 29 Dec 2008 14:00:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=WLtMUlQmbxwx/NFF5QvFb7Vv0kv6bSSAuA/jdmKEKOc=; b=D5/TsK+JBgj/Rzbn7zuMngxqBiWPj6X0MsbBRTzsGHTflFabdl8NOrIv4Yhk8sY8bd ybR4Toco9toRphB8fL3mZCUifoaAp+X5sQkQXPPclH5W8oKglhAK72wOUav96/t4DAde H6t4vY034MSkRdckDCW+GqUliXTgLKgumPTWI=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=FocKPNdOVB5Ihr+IFlBuMys2hJZpFHhTuIBirmPwts0wCzW479vjyAU3STeoAAEyRs ZJKkGUhh6eNPsk7T/Ko3Qa2uwtsJbT9oSseICml+gZzx//PwIResm2sPFKKjxmyNcOBv 7aePm0Wtvl5WkRhlvuxZhxZxy8mwrdsjXuKL4=
Received: by 10.181.137.13 with SMTP id p13mr5359476bkn.173.1230588051107; Mon, 29 Dec 2008 14:00:51 -0800 (PST)
Received: by 10.180.209.3 with HTTP; Mon, 29 Dec 2008 14:00:50 -0800 (PST)
Message-ID: <77ead0ec0812291400g5819c929y718683de7fa3ed45@mail.gmail.com>
Date: Mon, 29 Dec 2008 14:00:50 -0800
From: Vishwas Manral <vishwas.ietf@gmail.com>
To: R Atkinson <ran.atkinson@gmail.com>
In-Reply-To: <104A40DD-D2FB-48F2-A5D2-28C0E4ADA663@gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
References: <EC3F7E1D-F7C8-484A-A0C0-1A25E79AD86E@extremenetworks.com> <494D48B6.9090302@bogus.com> <77ead0ec0812222113m28f91093ke6512a5d7a287b0c@mail.gmail.com> <1D5F3F5F-4357-4E25-BEDE-35300949EDB8@gmail.com> <77ead0ec0812231006u55443dacn1731f51a8e922b62@mail.gmail.com> <8CA72870-DEB9-4979-8478-ED5467AF3DD3@gmail.com> <77ead0ec0812231556t73e24f17m9d52862672b22dc5@mail.gmail.com> <4070E95B-4E30-4B1F-90F1-B20F67EDEDFF@gmail.com> <77ead0ec0812291316h75c87da3i190cb23996e09a10@mail.gmail.com> <104A40DD-D2FB-48F2-A5D2-28C0E4ADA663@gmail.com>
Cc: opsec@ietf.org
Subject: Re: [OPSEC] minutes part 2
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: opsec-bounces@ietf.org
Errors-To: opsec-bounces@ietf.org

Hi Ran,

I will deal with the two topics in seperate mails.
>> That is good. So we agree that NIST atleast encourages the protocol
>> designers to use the algorithms. :)
>
> Well, your words above are not what I said.
>From the NIST site and has been shared earlier with you (I am just
quoting what NIST states on its web site which has been updated 2
months back):

"Regardless of use, NIST encourages application and protocol designers
to use the SHA-2 family of hash functions for all new applications and
protocols."

Thanks,
Vishwas


> NIST prefers SHA-2 over other shorter forms of SHA,
> probably because NIST (for now) can only recommend SHA
> (as it is the only NIST hashing algorithm), NIST have
> to recommend *something*, and SHA-2 has the longest
> key size.
>
>> We probably also agree that there
>> is cutomer request for the use of the SHA algorithms as has been
>> brought out by others too.
>
> I'm the one who started the whole effort on SHA for IGPs,
> just as I'm the one who started the whole effort to add
> cryptographic authentication to IGPs last decade.
> Having SHA as an option is sensible because it solves
> a *policy* problem for some US Government users, including
> some parts of DoD.  This was all covered in my past IETF
> presentations.
>
>> I have been following the NIST development of the new protocol and it
>> is very well known inside the community  that any new algorithm to
>> replace SHA will be deployable only 10 years or so later.
>
> I disagree with your 10 year assessment.  AES deployed MUCH
> MUCH more rapidly, after following a similar process for
> public submission, public review, etc.  The IPsec magic
> number for AES was allocated by IANA shortly after the AES
> selection was announced by NIST, and there were interoperable
> implementations of AES-CBC for IPsec ESP shortly after that
> (even before the I-D appeared, as I recall).
>
>> Regarding the talk of SHA algorithm having issues are correct however
>> after talking to cryptographers who have evaluated the current attacks
>> - it seems clear to them that MD5 strength is considerably lesser than
>> the SHA algorithm strengths. I will send you the details in another
>> mail. I have already shared the same with the WG chair.
>
> I've consistently asked for a peer reviewed paper.
> I like Hugo, but an email containing another person's
> opinion is not a peer-reviewed paper.
>
> Mind, such paper ought to be about the algorithms *in the modes
> used for IGPs* since the matter at hand is IGPs.
>
> If someone has done some formal maths and published it,
> in some peer reviewed forum, please provide a citation
> (or URL or something) to that paper so everyone can read it.
>
> Hugo publishes from time to time, if he has published on
> this, it would be helpful if he'd provide the full
> citation (a URL to the paper would also be nice).
>
>> It also seems clear from talks with the AD's that MD5 is not
>> recommended in any form for any cryptographic use - it is however
>> still not the case for SHA algorithm.
>
> Thanks, but I'll wait for whichever ADs you mean above
> to speak directly for themselves.
>
> (Aside: MD5 was never a NIST algorithm; it isn't a surprise
> to me that NIST hasn't recommended a non-NIST algorithm
> for any uses.)
>
> Cheers,
>
> Ran
> rja@extremenetworks.com
>
>
>
> _______________________________________________
> OPSEC mailing list
> OPSEC@ietf.org
> https://www.ietf.org/mailman/listinfo/opsec
>
_______________________________________________
OPSEC mailing list
OPSEC@ietf.org
https://www.ietf.org/mailman/listinfo/opsec

v2.23.0 | Report a Bug | By Email