Re: [saag] sntrup761x25519-sha512

"Kampanakis, Panos" <kpanos@amazon.com> Fri, 19 May 2023 21:05 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/ZMYf86L98rQZx0krFW_xlEamq-g>

Hi Simon,

I have asked this question to the ADs 3-4 years back and reopening CURDLE was not an option. Introducing PQ algorithms to SSH has also been discussed in SAAG before and the outcome was that there is no WG to do this work right now. So, imo AD-sponsorship is your only option.

If you manage to get it sponsored, please let me know because we would like to see https://datatracker.ietf.org/doc/draft-kampanakis-curdle-ssh-pq-ke/ standardized as well.

Personally, I would rather we standardized ECDH with Kyber in SSH instead of SNTRU because Kyber is making it into other protocols and was picked by NIST. I have nothing against SNTRU, and SNTRU+X25519 was a good early adoption for OpenSSH, but in my opinion it is better to converge on fewer primitives instead of more.

Rgs,
Panos


-----Original Message-----
From: saag <saag-bounces@ietf.org> On Behalf Of Simon Josefsson
Sent: Friday, May 19, 2023 4:09 PM
To: saag@ietf.org
Subject: RE: [EXTERNAL][saag] sntrup761x25519-sha512


Hi

Over at the Curdle list the SSH sntrup761x25519-sha512 draft has been
discussed:

https://datatracker.ietf.org/doc/html/draft-josefsson-ntruprime-ssh-00
https://mailarchive.ietf.org/arch/browse/curdle/?gbt=1&index=g00shBcI9eUnwabG-oVTWdPXTVI

Rich's analysis below of what the IANA registry rules for SSH mean, and quoting RFC 8126:

4.8.  IETF Review
     (Formerly called "IETF Consensus" in the first edition of this
   document.)  With the IETF Review policy, new values are assigned only
   through RFCs in the IETF Stream -- those that have been shepherded
   through the IESG as AD-Sponsored or IETF working group documents
   [RFC2026] [RFC5378], have gone through IETF Last Call, and have been
   approved by the IESG as having IETF consensus.

Does SAAG have any feedback on this?  Would you prefer to publish this through a WG or the AD-Sponsored route?

/Simon

"Salz, Rich" <rsalz@akamai.com> writes:

> One issue is that the SSH registries are "IETF Consensus" which means 
> they must be RFCs published in the IETF stream [1] which means either 
> re-opening CURDLE or being AD-sponsored.
>
> [1] https://www.rfc-editor.org/rfc/rfc8126.html#page-22