Re: [saag] AD review of draft-iab-crypto-alg-agility-06

Christian Huitema <huitema@microsoft.com> Tue, 28 July 2015 04:55 UTC

From: Christian Huitema <huitema@microsoft.com>
To: "saag@ietf.org" <saag@ietf.org>
Date: Tue, 28 Jul 2015 04:54:58 +0000
Message-ID: <DM2PR0301MB0655CF099FA7C56E9B9D24A9A88D0@DM2PR0301MB0655.namprd03.prod.outlook.com>
References: <55A938F1.9090404@cs.tcd.ie> <CD936D80-BEA2-4918-828C-E3A392761EC5@gmail.com> <20150727194020.GD15860@localhost> <55B6D36C.70105@iang.org> <20150728013020.GO4347@mournblade.imrryr.org>
In-Reply-To: <20150728013020.GO4347@mournblade.imrryr.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/Kf7gQHhAdDb32DjT0VR92sVS6W8>

> I agree on the theory, but the practice is a bit more nuanced post
> Logjam.
>
> I think it is fair to say that Logjam falls into the class of
> protocol weaknesses (in this case lack of a means in TLS to
> negotiate FFDH parameters, and clients not having the code or UI
> to check for unreasonable server-chosen DH groups).

OS is by definition prone to MITM attacks, including downgrade attacks. Just negotiating any which algorithm or key that comes out of the channel is too dangerous for my taste. If we do OS, we should also enable a form of MITM detection, maybe channel binding. It will not be used in all OS connections, but using it in some connections in an unpredictable way should be enough to detect and deter mass deployment of MITM.

-- Christian Huitema
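An added example, not code from the thread or from the draft under review, of the kind of client-side sanity check on server-chosen finite-field DH groups that the quoted message says clients lacked at Logjam time. The 2048-bit minimum, the function names and the test values are this example's own assumptions.

```python
# Added example: validate a TLS ServerDHParams set (p, g, Ys) on the client
# before using it. Thresholds and names are assumptions of this example.
import secrets

MIN_BITS = 2048  # assumed policy: refuse groups weaker than 2048 bits


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test (trial division first)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:          # write n - 1 as d * 2**r with d odd
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2   # random witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False       # a is a witness that n is composite
    return True


def check_server_dh(p: int, g: int, ys: int, min_bits: int = MIN_BITS) -> str:
    """Return "ok", or the reason the server-chosen group must be rejected."""
    if p.bit_length() < min_bits:
        return f"group too small: {p.bit_length()} bits"
    if not is_probable_prime(p):
        return "p is not prime"
    if not is_probable_prime((p - 1) // 2):
        return "p is not a safe prime"
    if not 2 <= g <= p - 2:
        return "generator out of range"
    # For a safe prime the only subgroups have order 1, 2, q or 2q, and the
    # only elements of order 1 or 2 are 1 and p-1, so this range check alone
    # rules out a small-subgroup public value.
    if not 2 <= ys <= p - 2:
        return "server public value out of range"
    return "ok"
```

A real client would additionally compare p against a list of known-good groups (for example the RFC 7919 groups) rather than trust primality alone.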