Re: [radext] I-D Action: draft-ietf-radext-tls-psk-09.txt

Alexander Clouter <alex+ietf@coremem.com> Sat, 02 March 2024 15:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/1igrDJ8h63EXAKWuG0Yac-8Jnxk>
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>

On Thu, 29 Feb 2024, at 20:55, internet-drafts@ietf.org wrote:
> Internet-Draft draft-ietf-radext-tls-psk-09.txt is now available. It is a work
> item of the RADIUS EXTensions (RADEXT) WG of the IETF.
>
>    Title:   RADIUS and TLS-PSK
>    Author:  Alan DeKok
>    Name:    draft-ietf-radext-tls-psk-09.txt
>    Pages:   20
>    Dates:   2024-02-29

Got to get that aspell integration working again... :)

s/transistion/transition/

Since going hipster^WPython, we now have an off-by-one error[1] and end up discarding ~24 bits of entropy.

---- implementation0.py
#!/usr/bin/env python3
import base64, secrets
str = base64.b32encode(secrets.token_bytes(16)).decode().lower()
print(str)
print("-".join([str[i:i + 4] for i in range(0, len(str), 3)][0:7]))
----
alex@hanzawa:~$ python3 implementation0.py 
nl4mzes5asqkxd4pklkwagltjq======   <---- raw base32 output of key
nl4m-mzes-s5as-sqkx-xd4p-pklk-kwag <---- processed
----

So you can see the trailing 'ltjq' is missing, and the repetition between tops'n'tails of each block.

It is though *technically* an adhering implementation as it follows "which SHOULD be derived from a source with at least 128 bits"...but likewise so does: :)

{ printf 0123456789abcde; dd if=/dev/urandom bs=1 count=16 2>/dev/null | cut -b1; }

Maybe we should amend that statement to "which SHOULD be derived, whilst retaining, from a source with at least 128 bits"

Compounding the confusion is that the Python implementation provides no hint on the purpose of the truncation. Maybe we should be more explicit by directly stripping the padding, which means we no longer need a window applied to the output list:

---- proposed.py
#!/usr/bin/env python3
import base64, secrets
str = base64.b32encode(secrets.token_bytes(16)).decode().rstrip('=').lower()
print('-'.join((str[i:i + 4] for i in range(0, len(str), 4))))
----

Results in 32 characters of output:
----
alex@hanzawa:~$ python3 proposed.py
46mx-u26s-4j2e-igby-akty-6zqu-zy
----

The document refers to 'urandom' which is no longer present, so should be amended to 'token_bytes'.

Cheers

Alex

[1] this may have been deliberate so as to pad up to 32+ characters, but the aim here is to provide a clear and understandable implementation to show how easy it is to do the right thing
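
Added example, not part of the original message or of the draft: a check that runs both groupings from the message over the same key, reports which base32 characters of the key each one no longer carries, and confirms the proposed form decodes back to the original 16 bytes. The helper names (b32, dropped_suffix, recover) are hypothetical; SAMPLE is the key behind the sample output quoted in the message.

```python
#!/usr/bin/env python3
import base64
import secrets

# Key bytes behind the sample output quoted in the message above.
SAMPLE = base64.b32decode("NL4MZES5ASQKXD4PKLKWAGLTJQ======")


def b32(key: bytes) -> str:
    """Lower-case base32 of the key with the '=' padding removed."""
    return base64.b32encode(key).decode().rstrip("=").lower()


def group_windowed(key: bytes) -> str:
    """implementation0.py grouping: 4-char windows every 3 chars, first 7 kept."""
    s = base64.b32encode(key).decode().lower()
    return "-".join([s[i:i + 4] for i in range(0, len(s), 3)][0:7])


def group_proposed(key: bytes) -> str:
    """proposed.py grouping: padding stripped, then 4-char groups every 4 chars."""
    s = b32(key)
    return "-".join(s[i:i + 4] for i in range(0, len(s), 4))


def dropped_suffix(key: bytes, grouped: str, overlap: int) -> str:
    """Base32 characters of the key that the grouped string no longer carries.

    overlap is how many leading characters of each group repeat the previous one.
    """
    groups = grouped.split("-")
    carried = groups[0] + "".join(g[overlap:] for g in groups[1:])
    full = b32(key)
    if not full.startswith(carried):
        raise ValueError("grouped string was not derived from this key")
    return full[len(carried):]


def recover(grouped: str) -> bytes:
    """Decode a proposed.py-style string back to the key bytes."""
    s = grouped.replace("-", "").upper()
    return base64.b32decode(s + "=" * (-len(s) % 8))


if __name__ == "__main__":
    for key in (SAMPLE, secrets.token_bytes(16)):
        w, p = group_windowed(key), group_proposed(key)
        print(w, "drops", repr(dropped_suffix(key, w, overlap=1)))
        print(p, "drops", repr(dropped_suffix(key, p, overlap=0)),
              "round-trips:", recover(p) == key)
```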