Re: [saag] Revision of "Attacks on Cryptographic Hashes in Internet Protocols"

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 08 November 2012 14:26 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8348921F8B4B for <saag@ietfa.amsl.com>; Thu, 8 Nov 2012 06:26:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FOR7FQ65v0io for <saag@ietfa.amsl.com>; Thu, 8 Nov 2012 06:26:25 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id F072621F8B6E for <saag@ietf.org>; Thu, 8 Nov 2012 06:26:24 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 4FFDFBE62; Thu, 8 Nov 2012 14:26:03 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mJW23a1CLJOh; Thu, 8 Nov 2012 14:26:02 +0000 (GMT)
Received: from [130.129.96.58] (dhcp-603a.meeting.ietf.org [130.129.96.58]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id D3FA3BE61; Thu, 8 Nov 2012 14:26:00 +0000 (GMT)
Message-ID: <509BC0F6.3060509@cs.tcd.ie>
Date: Thu, 08 Nov 2012 14:25:58 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:16.0) Gecko/20121028 Thunderbird/16.0.2
MIME-Version: 1.0
To: Barry Leiba <barryleiba@computer.org>
References: <9B93EFAD-AD9B-4402-8CC2-79239EB3DF2E@vpnc.org> <CAC4RtVCL1OOXJ6mvbAcNOnAhDiaW797-rU6GvEhbkMHk5N4e3Q@mail.gmail.com>
In-Reply-To: <CAC4RtVCL1OOXJ6mvbAcNOnAhDiaW797-rU6GvEhbkMHk5N4e3Q@mail.gmail.com>
X-Enigmail-Version: 1.4.5
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Paul Hoffman <paul.hoffman@vpnc.org>, IETF Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] Revision of "Attacks on Cryptographic Hashes in Internet Protocols"
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2012 14:26:25 -0000

On 11/08/2012 02:21 PM, Barry Leiba wrote:
>> Greetings again. Bruce Schneier and I have started an update to RFC 4270,
>> "Attacks on Cryptographic Hashes in Internet Protocols". This revision is
>> meant to deal with new and more devastating attacks on MD5, the fact that
>> SHA-1 collisions will be financially feasible in the foreseeable future, and
>> NIST's upcoming SHA-3 announcements. We expect to keep this revision
>> process open for at least five months because NIST probably won't finalize
>> the parameters and naming and so on for KECCAK until then; that is, we
>> won't send this to RFC Editor until SHA-3 is finalized. Please take a look at
>>
>> http://tools.ietf.org/html/draft-hoffman-schneier-4270bis
> 
> Is there time in the SAAG session today to run through the major changes?

Plan is for Paul to do that at open-mic without slides, but it'll be
March-ish before NIST have the parameters AIUI so there's time. We also
plan to AD sponsor this so it'll get an IETF LC, and might be better to
see presented at IETF-86 around when that LC will be happening.

S.

> 
> Barry
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag
> 
>