IETF Logo Mail Archive

Re: [saag] another conflict review of some GOST stuff

"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Fri, 11 December 2015 11:54 UTC

Return-Path: <smyshsv@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55B7B1A89F2 for <saag@ietfa.amsl.com>; Fri, 11 Dec 2015 03:54:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iYfM7fpUuElf for <saag@ietfa.amsl.com>; Fri, 11 Dec 2015 03:54:11 -0800 (PST)
Received: from mail-vk0-x22f.google.com (mail-vk0-x22f.google.com [IPv6:2607:f8b0:400c:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6BFF1A89ED for <saag@ietf.org>; Fri, 11 Dec 2015 03:54:10 -0800 (PST)
Received: by vkca188 with SMTP id a188so114740431vkc.0 for <saag@ietf.org>; Fri, 11 Dec 2015 03:54:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:cc:content-type; bh=Eix/Ylm0Ir9NAkpGOT4Zh8holWOyoi64W0FwWeBDa4w=; b=UP2/1C5lGWYhhFoDh4BFEcjb0+OfSVdAz31lXbDJuxA2CqwPe2YMggA5dMNUKGr/FA ZKc3V0DQ57INhasBuYnN9ujC6a6rfs09eKJA2q2iIhXOqODrJo1VVD9ywvTMNGUO76Ne 0q0l29DHkrOZbg5EtWjP0uLL4AbXBxPeVtwVSvOAXrx4eDza2UQBfk4FxMHdmSCxhSrH NLMUf0Rikfuf+sn4qK7BxeOVrdCyWil5DjidIUtTncCDYB+afSAoi5uYPdV298Do9HEl 2gUO6GOWDY9sgMi3spHbz6JIccT9xntVx1a8CjHwJC6eS4+sr55Q0BC3mvX4r0+idhKW 73+g==
MIME-Version: 1.0
X-Received: by 10.31.2.17 with SMTP id 17mr12696934vkc.130.1449834850020; Fri, 11 Dec 2015 03:54:10 -0800 (PST)
Received: by 10.31.63.78 with HTTP; Fri, 11 Dec 2015 03:54:09 -0800 (PST)
Date: Fri, 11 Dec 2015 14:54:09 +0300
Message-ID: <CAMr0u6kD_Zq+YhcH=HmUphtyunma=h2HNURKuNUPjZmJW1LSSQ@mail.gmail.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
To: kivinen@iki.fi, stephen.farrell@cs.tcd.ie, saag@ietf.org
Content-Type: multipart/alternative; boundary="001a113dadd637f32805269dfbb0"
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/bdNt8iwMYXIbmseTah4r61RHXvI>
X-Mailman-Approved-At: Fri, 11 Dec 2015 08:10:09 -0800
Subject: Re: [saag] another conflict review of some GOST stuff
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Dec 2015 11:54:13 -0000

Hello, Tero!


>>That draft is not enough to specify how them are used in the
>>interoperable manner, as it does not allocate IANA numbers for them.
>>Of course if you have some other document specifying how to use
>>private use numbers for those algorithms then you could use those
>>algorithms, but then I think it would be better to move sections
>>4.2.2 to that document.

>>So if the algorithms are already specified in earlier RFCs, this
>>document tries to specify how to use them, but does not do that as it
>>does not even try to do IANA allocations, I do fail to see the meaning
>>of this document.

>>I.e. is this document trying to make GOST so that it can be used in
>>the IPsec or not. If yes, are you expecting to do IANA allocations
>>based on this document later, or what?






Let me clarify this. We don’t want any IANA allocations based on this
document. We fix algorithms for usage in protocols (IKEv1, TLS) – to cite
the document with algorithms, not describing protocols there. We don’t
think that this approach contradicts anything. This RFC is, in fact, an
international version of Russian standardization system document of
Technical Committee on Cryptography (TC 26) – that has been officially
approved and is currently used. All protocol definitions will be made (for
IKEv2 and TLS) independently in other RFCs.





>>From that point of view the IKEv2 section of the draft (4.2.2.2) is
>>not enough. The section 4.2.2.2 says that for this document specifies
>>HMAC_GOST3411_2012_256 and HMAC_GOST3411_2012_512 for PRFs for IKEv2,
>>but this document does not specify those at all. There is
>>HMAC_GOSTR3411_2012_256 and HMAC_GOSTR3411_2012_512, but I am not sure
>>whether they are actually same (GOST vs GOSTR), i.e. is this just typo
>>on one of those sections or something else?



Yes, this is a misprint. HMAC_GOSTR3411_2012_256 and
HMAC_GOSTR3411_2012_512 must be there. We’ll correct it in the final
revision, thank you very much.



>>The section 4.1.1 defining HMAC_GOSTR3411_2012_256 says that it "uses
>>H_256 as a hash function for HMAC", but does not specify what H_256
>>actually means. I assume it means n = 256 bits hash function from the
>>RFC6986, but that is not exactly clear.



H_256 is defined in the section «abbreviations and symbols» at page 4:

H_256 | GOST R 34.11-2012 hash function with 256-bit output |



>>Also text in this document only covers using those GOST as PRF, there
>>is not enough specification to use them as AUTH algorithm, or to use
>>the digital signatures in the IKEv2 authentication.



Yes, we know. If we make specifications of GOST usage in IKEv2, we’ll
prepare a specification for it.


Best regards,

Stanislav

v2.23.0 | Report a Bug | By Email