Re: [saag] Revision of "Attacks on Cryptographic Hashes in Internet Protocols"
Joe Touch <touch@isi.edu> Wed, 14 November 2012 07:35 UTC
To: Paul Hoffman <paul.hoffman@vpnc.org>
Cc: IETF Security Area Advisory Group <saag@ietf.org>

On 11/13/2012 8:24 PM, Paul Hoffman wrote:
> On Nov 13, 2012, at 2:16 PM, Joe Touch <touch@isi.edu> wrote:
>
>> This doc refers to IETF protocols that use hashes, but doesn't discuss any in specific. It also doesn't address how hashes are used, e.g., solo (as a fingerprint), keyed (for authentication and source confirmation), as part of an HMAC, or as part of key derivation.
>>
>> That sort of information might be additionally useful, IMO.
>
> The opposite was decided when we did RFC 4270, of which this is a direct revision. Many protocols use hashes in multiple ways, and trying to list them was considered a distraction. I believe that is still the case.

The doc says directly that the way in which specific hashes are used in "many" Internet protocols is safe. Indicating the details of that claim is critical to it having *any* weight.

Further, there's a big difference in the way in which hashes are used which can be just as important as the use of "better hash algorithms".

Leaving the interpretation of this doc as an exercise to the reader renders it inconsequential.

Joe