Re: [saag] A case against algorithm agility (long)

Nico Williams <nico@cryptonector.com> Mon, 05 May 2014 19:25 UTC

In-Reply-To: <5367DF99.1060700@iang.org>
References: <53650F27.6040607@iang.org> <CAK3OfOhGCKPrYzhC46EVAnro6_FEsNVt16Gzx3Ds3zfR2wznOA@mail.gmail.com> <5367C9DC.10009@iang.org> <CF8D8911.1D4D1%kenny.paterson@rhul.ac.uk> <5367DF99.1060700@iang.org>
Date: Mon, 5 May 2014 14:25:40 -0500
Message-ID: <CAK3OfOifTcNuxxEcodkqQdfM5ozhoRDhbu2y8vr3yUV7DK-+KQ@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: ianG <iang@iang.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/saag/G-saZ5qNUSY9L0SMb0EhIA5iwCU
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] A case against algorithm agility (long)

On Mon, May 5, 2014 at 1:59 PM, ianG <iang@iang.org> wrote:
> (One question:  is Nico's claim that this is an example of "being saved"
> more to do with commercial vendors' need to ship product with no
> theoretical or known flaws?)

We considered the attack realistic in some environments; therefore, we
felt we had to fix it.  Since we had shipped AES in counter mode, we
didn't have to hurry all that much, so in a sense we were "saved" some
negative consequences.

Nico