Re: [secdir] [Cfrg] ISE seeks help with some crypto drafts
mcgrew <mcgrew@cisco.com> Mon, 08 April 2019 13:32 UTC
Return-Path: <mcgrew@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AAC2120302; Mon, 8 Apr 2019 06:32:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bMz5T-MoyQzb; Mon, 8 Apr 2019 06:32:24 -0700 (PDT)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89B001200E9; Mon, 8 Apr 2019 06:32:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=12541; q=dns/txt; s=iport; t=1554730344; x=1555939944; h=from:message-id:mime-version:subject:date:in-reply-to:cc: to:references; bh=ggjtacdMWujc/LMtmxO226jFrlIgKK4WqTnjhZBxbQg=; b=OeMMnjpn3Z4piMfUDQm0Yn/+bsOyxpVuMbq4y6JQyCqWWDH+P93GIdbv HHSqFSBibQIi9vYKvbXBmHZc4sxYjn7aCvad6OiJIk2X1fFca6yt2wiya q/1CcVCK1I4QWLzqSFvxCy4T5paz7F4eGThhf7BxnJKEbkT805ZvTr960 Q=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ADAABGTKtc/5FdJa1lDgsBAQEBAQEBAQEBAQEHAQEBAQEBgVEEAQEBAQELAYIQaIEDJwqEBIgcjSt+kVCFeIF7DgEBGAEMhEcChWUiNAkNAQEDAQEJAQIBAm0cDIVKAQEBAQIBAQEhSwYFBQsLCQ8nAwICJx8RBg4FgyIBgW0ID61SgS+ERQMPL0CEWQWBMAGEXIUmgUQXgT9AgREnH4FOSQcuPoJhAQECAQGEZzGCJgOKUYIWLIY3kjwJg06ENYwAGoIFhhaJWIJpjG2FCIppgnMCERWBTziBQgwIcBU7KgGCDQEzPoU7hRSFBFcjAQExAY9MAYEfAQE
X-IronPort-AV: E=Sophos;i="5.60,325,1549929600"; d="scan'208,217";a="545130140"
Received: from rcdn-core-9.cisco.com ([173.37.93.145]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 08 Apr 2019 13:32:23 +0000
Received: from XCH-ALN-004.cisco.com (xch-aln-004.cisco.com [173.36.7.14]) by rcdn-core-9.cisco.com (8.15.2/8.15.2) with ESMTPS id x38DWNhl005130 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Mon, 8 Apr 2019 13:32:23 GMT
Received: from rtp-mcgrew-nitro2.cisco.com (10.117.145.147) by XCH-ALN-004.cisco.com (173.36.7.14) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 8 Apr 2019 08:32:22 -0500
From: mcgrew <mcgrew@cisco.com>
Message-ID: <3D2D9C29-6FBB-45F5-ABA8-C52D3583C273@cisco.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_1F7E2104-EE71-4103-AEA6-C986148B9030"
MIME-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.8\))
Date: Mon, 08 Apr 2019 09:32:08 -0400
In-Reply-To: <35FC8AD5-BF45-4C3E-A0A8-0EA426970DEA@ll.mit.edu>
CC: Eric Rescorla <ekr@rtfm.com>, "<sec-ads@ietf.org>" <sec-ads@ietf.org>, cfrg <cfrg@irtf.org>, Nevil Brownlee <rfc-ise@rfc-editor.org>, "secdir@ietf.org" <secdir@ietf.org>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
References: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com> <CABcZeBNxgUsWpgWkUQPVrnaKYRCZud1LvkvQgt_5KX7ZhQ3sSQ@mail.gmail.com> <35FC8AD5-BF45-4C3E-A0A8-0EA426970DEA@ll.mit.edu>
X-Mailer: Apple Mail (2.3445.104.8)
X-Originating-IP: [10.117.145.147]
X-ClientProxiedBy: xch-rtp-001.cisco.com (64.101.220.141) To XCH-ALN-004.cisco.com (173.36.7.14)
X-Outbound-SMTP-Client: 173.36.7.14, xch-aln-004.cisco.com
X-Outbound-Node: rcdn-core-9.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/0yf72aXJP8Wsr2a78cZeDIs4Bp0>
Subject: Re: [secdir] [Cfrg] ISE seeks help with some crypto drafts
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2019 13:32:28 -0000
Hi Uri, > On Apr 8, 2019, at 8:30 AM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote: > > Well, we *are* interested in OCB and ciphers with block size != 128 bits, even if we won't necessarily document our use in another RFC. The draft on OCB with general block size needs more usage guidance, as I discussed with Ted and you when the drafts were first discussed last year (please see https://cfrg.irtf.narkive.com/QRDFp12y/rfcs-for-wider-block-rc6-and-ocb#post5) It is really important that an RFC provide strong guidance to users, as their target audience is implementers and users that might not understand the security ramifications. I am not opposed to publishing this draft, but I see it as a critical next step to fully document the interest that you mention, either in draft-krovetz-ocb-wideblock or in a document that can be referenced by that one, along with usage guidance on when it is a good idea to do AEAD with a wide block cipher or a small block cipher. The general block size draft would be more appealing if it could be tied to a w != 128 cipher that has withstood significant significant cryptanalysis. For smaller block sizes, this could be one of the modern 64-bit ciphers like PRESENT, SIMON, or SPECK, though I don’t think we should be promoting the use of 64-bit modes of operation for general-purpose use. For implementation environments where a 64-bit cipher fits better than AES, it would be really attractive to use an AEAD mode that is secure beyond the birthday bound, as a way to compensate for the significant security degradation due to short blocks. It would be great if we could leverage whatever interest there is in small block ciphers into some momentum towards higher-security modes of operation. It looks like the drafts haven’t been updated since they were first posted, though Ted expressed a willingness to update them. Thanks David > > Thus, I see your point but disagree with it's apparent conclusion. IMHO the OCB draft should be published. > > Not sure about RC{5,6} - not my cup of tea. > > Regards, > Uri > > Sent from my iPhone > > On Apr 8, 2019, at 08:21, Eric Rescorla <ekr@rtfm.com <mailto:ekr@rtfm.com>> wrote: > >> These drafts seem quite low value to publish: >> >> The existing OCB document [RFC 7253] is cited by exactly zero RFCs (https://datatracker.ietf.org/doc/rfc7253/referencedby/ <https://datatracker.ietf.org/doc/rfc7253/referencedby/>), so having a specification for ciphers with block size != 128 seems of particularly low value. >> >> The existing RC5 document [RFC 2040] has 6 RFC-level citations, but as far as I know, RC5 has practically no usage in IETF protocols. AFAICT, RC6 isn't even specified in an RFC. Thus, test vectors for these algorithms don't seem that interesting. >> >> -Ekr >> >> >> >> >> >> On Fri, Mar 8, 2019 at 9:20 AM RFC ISE (Adrian Farrel) <rfc-ise@rfc-editor.org <mailto:rfc-ise@rfc-editor.org>> wrote: >> Hi CFRG and SecDir, >> >> Ted Krovetz has asked for publication of ... >> >> https://datatracker.ietf.org/doc/draft-krovetz-ocb-wideblock/ <https://datatracker.ietf.org/doc/draft-krovetz-ocb-wideblock/> >> ....and... >> https://datatracker.ietf.org/doc/draft-krovetz-rc6-rc5-vectors/ <https://datatracker.ietf.org/doc/draft-krovetz-rc6-rc5-vectors/> >> >> ....in the Independent Stream. >> >> These are both currently in expired state, but available in the archive. >> >> At this stage I am looking to know whether anyone feels that publication >> would be a bad thing: >> - at this stage >> - ever >> >> Please send me your opinions direct (I am not subscribed to this list, but >> will check the archives). >> >> Please also let me know if you would be willing to be a detailed reviewer >> of this work. >> >> Thanks, >> Adrian >> -- >> Adrian Farrel (ISE), >> rfc-ise@rfc-editor.org <mailto:rfc-ise@rfc-editor.org> >> >> _______________________________________________ >> Cfrg mailing list >> Cfrg@irtf.org <mailto:Cfrg@irtf.org> >> https://www.irtf.org/mailman/listinfo/cfrg <https://www.irtf.org/mailman/listinfo/cfrg> > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg
- [secdir] ISE seeks help with some crypto drafts RFC ISE (Adrian Farrel)
- Re: [secdir] ISE seeks help with some crypto draf… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… David Wong
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… John Mattsson
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Aaron Zauner
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Hoffman
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Watson Ladd
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Wouters
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Paul Hoffman
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… S Moonesamy
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Uri Blumenthal
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Uri Blumenthal
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Tony Arcieri
- [secdir] Time to recharter CFRG as a working grou… StJohns, Michael
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Peter Gutmann
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Salz, Rich
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… John Mattsson
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Valery Smyslov
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Mathy Vanhoef
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Richard Barnes
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Salz, Rich
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Stephen Farrell
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Richard Barnes
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Daniel Kahn Gillmor
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paul Wouters
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tony Arcieri
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Watson Ladd
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Melinda Shore
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Melinda Shore
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… mcgrew
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… denis bider
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Watson Ladd
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Paul Wouters
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Donald Eastlake
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Michael StJohns
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… mcgrew
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tero Kivinen
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Tero Kivinen
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Peter Gutmann
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… StJohns, Michael
- Re: [secdir] [Cfrg] Time to recharter CFRG as a w… Stephen Farrell
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] ISE seeks help with some crypto draf… Eric Rescorla
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Eric Rescorla
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… mcgrew
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Ted Krovetz
- Re: [secdir] [Cfrg] ISE seeks help with some cryp… Benjamin Kaduk