IETF Logo Mail Archive

Re: [perpass] Consensus on algorithms/cipher suites in Opportunistic Security

Robin Wilton <wilton@isoc.org> Thu, 27 August 2015 09:04 UTC

Return-Path: <wilton@isoc.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE95B1A8784 for <perpass@ietfa.amsl.com>; Thu, 27 Aug 2015 02:04:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2hHCO_vj2JIg for <perpass@ietfa.amsl.com>; Thu, 27 Aug 2015 02:04:19 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0098.outbound.protection.outlook.com [207.46.100.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 078AC1A879C for <perpass@ietf.org>; Thu, 27 Aug 2015 02:04:19 -0700 (PDT)
Received: from SN1PR06MB1839.namprd06.prod.outlook.com (10.162.133.18) by SN1PR06MB1837.namprd06.prod.outlook.com (10.162.133.17) with Microsoft SMTP Server (TLS) id 15.1.256.15; Thu, 27 Aug 2015 09:04:16 +0000
Received: from SN1PR06MB1839.namprd06.prod.outlook.com ([10.162.133.18]) by SN1PR06MB1839.namprd06.prod.outlook.com ([10.162.133.18]) with mapi id 15.01.0256.013; Thu, 27 Aug 2015 09:04:16 +0000
From: Robin Wilton <wilton@isoc.org>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Thread-Topic: [perpass] Consensus on algorithms/cipher suites in Opportunistic Security
Thread-Index: AQHQ4DLIkjWCZnoXAUeZroiu90Bt2J4fjkx/
Date: Thu, 27 Aug 2015 09:04:15 +0000
Message-ID: <13ADC351-B15C-47BD-91E1-96BC9E33596A@isoc.org>
References: <CAHbuEH7YFefd35N+jA395xMK3=74p8T5s7eUrqE4FY=DrqJALg@mail.gmail.com>, <alpine.LFD.2.20.1508261507030.21217@bofh.nohats.ca>
In-Reply-To: <alpine.LFD.2.20.1508261507030.21217@bofh.nohats.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=wilton@isoc.org;
x-originating-ip: [94.174.34.240]
x-microsoft-exchange-diagnostics: 1; SN1PR06MB1837; 5:rHWL7HWRzZrG4th4kxCdFE+b2GBXWn2Cpwps6mbPlCcbD6NTl3+vBizAo+sZheLy/Ho2WKTGSvEC+CWQsIwufMvL4XoMg+ww3FVMxpziugvtkZYjHFArSCCqfnY+DXnU2NEy0ACg6dOrHfY0Fbfzmg==; 24:l9D8SC5r+lGUYY+JWUsJoVLeeH0GZ2bmkcfwDUhhaMg+CQZiCXFOeJRR0PCrge1vq2a9eicU8OusOzST1Gj8SkKQzsUE+x6Ozb07mtBnGrQ=; 20:mMrx0x+Idz0cuRcgDF0thXusemUZpQqsMAIRFvngdpiuuOC1ATS3LnPS/AvvKIBk3ho17ZOkyx/x7GomqW1bzQ==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR06MB1837;
x-microsoft-antispam-prvs: <SN1PR06MB183789BCDCC12F69BA37BDBABF6F0@SN1PR06MB1837.namprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(5005006)(8121501046)(3002001); SRVR:SN1PR06MB1837; BCL:0; PCL:0; RULEID:; SRVR:SN1PR06MB1837;
x-forefront-prvs: 06818431B9
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(24454002)(189002)(129404003)(199003)(51444003)(15975445007)(10400500002)(102836002)(66066001)(86362001)(40100003)(122556002)(81156007)(64706001)(77096005)(36756003)(68736005)(19580405001)(97736004)(5007970100001)(87936001)(5002640100001)(77156002)(5004730100002)(2656002)(62966003)(19580395003)(4001540100001)(101416001)(50986999)(5001960100002)(82746002)(110136002)(46102003)(189998001)(5001920100001)(5001830100001)(5001860100001)(83716003)(2900100001)(2950100001)(561944003)(92566002)(99286002)(33656002)(106116001)(105586002)(54356999)(106356001)(76176999)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR06MB1837; H:SN1PR06MB1839.namprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: isoc.org does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: isoc.org
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Aug 2015 09:04:15.6299 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR06MB1837
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/ecJ-NpIXx0Ib2MlEhuLTP2RG-dE>
Cc: "perpass@ietf.org" <perpass@ietf.org>, Paul Wouters <paul@nohats.ca>
Subject: Re: [perpass] Consensus on algorithms/cipher suites in Opportunistic Security
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 09:04:20 -0000

Thanks Kathleen,

To me, the issue with that para. 2.9 as drafted is one of logic and implicit assumptions.

"Using algorithms that are weak against advanced attackers but sufficient against others is a way to make pervasive surveillance significantly more difficult."

In my naive threat analysis, the entities doing pervasive surveillance are precisely advanced attackers (e.g. state intelligence agencies with access to massive-bandwidth data, colossal storage and enormous processor power... and the expertise to design and implement sophisticated attacks). On that basis, terms like "weak", "sufficient", and "significantly more difficult" seem to me to beg the question.

To get down to specifics; suppose we're talking about 1990s-style crypto-wars and symmetric algorithms. Would para. 2.9 help us to decide whether, say, 40-bit CDMA increases the work factor sufficiently, over unencrypted traffic, to be worth deploying? Or would we hold out for 56-bit DES? 

I'm sure there's a valid principle lurking under para. 2.9, but I'm not sure it is currently expressed explicitly enough to provide useful guidance. Maybe that's OK... if explicit guidance is provided elsewhere and I just haven't read it yet.

Hope this helps,
Robin


Robin Wilton

Technical Outreach Director - Identity and Privacy

On 26 Aug 2015, at 20:09, "Paul Wouters" <paul@nohats.ca> wrote:

> On Tue, 25 Aug 2015, Kathleen Moriarty wrote:
> 
>> I posted a question to SAAG and would like to see where we are at on
>> consensus around a statement that keeps showing up in drafts.
>> 
>> If you could take a look at my message to SAAG (and the thread) and
>> chime in there, it would be helpful to know where we are at.  I might
>> be in the rough, but I'm not so sure that I am...
>> 
>> https://mailarchive.ietf.org/arch/msg/saag/PXrRghfHM-OBj2Y2TniuKptpKCs
> 
> Actually, I agree with you. I do not like the use of "weaker algorithms"
> for Opportunstic Security.
> 
> There is no valid reason to design anything that is "weaker" in strength
> (eg keysize). I think what might have been meant is "unauthenticated"
> versus "authenticated". And that also turns "weak" and "advanced"
> attacker into "passive" and "active" attackers. I think that would be
> more inline with the discussions we have had regarding opportunistic
> security. I have never heard of a proposal from anyone that said "use
> AES128 for opportunistc and AES256 for preconfigured security".
> 
> Paul
> 
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass

v2.23.0 | Report a Bug | By Email