Re: [secdir] Secdir review of draft-ietf-karp-crypto-key-table-08.txt
Uri Blumenthal <uri@MIT.EDU> Fri, 09 August 2013 12:28 UTC
Return-Path: <uri@mit.edu>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5A1F21F9EFF; Fri, 9 Aug 2013 05:28:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.203
X-Spam-Level:
X-Spam-Status: No, score=-2.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JYyvwBgjv9i7; Fri, 9 Aug 2013 05:28:51 -0700 (PDT)
Received: from dmz-mailsec-scanner-1.mit.edu (dmz-mailsec-scanner-1.mit.edu [18.9.25.12]) by ietfa.amsl.com (Postfix) with ESMTP id C67BB21F9E9A; Fri, 9 Aug 2013 05:28:44 -0700 (PDT)
X-AuditID: 1209190c-b7fac8e000006335-14-5204e07b093e
Received: from mailhub-auth-1.mit.edu ( [18.9.21.35]) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 53.92.25397.B70E4025; Fri, 9 Aug 2013 08:28:43 -0400 (EDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by mailhub-auth-1.mit.edu (8.13.8/8.9.2) with ESMTP id r79CSf19006603; Fri, 9 Aug 2013 08:28:42 -0400
Received: from [192.168.1.108] (chostler.hsd1.ma.comcast.net [24.62.227.134]) (authenticated bits=0) (User authenticated as uri@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id r79CSb39012732 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 9 Aug 2013 08:28:39 -0400
References: <7E1636E02F313F4BA69A428B314B77C708CA7638@xmb-aln-x12.cisco.com> <9D8F4DC5-30E2-4E21-B28C-C44DA6105A5F@vigilsec.com> <tsl61vhwl0b.fsf@mit.edu> <7E1636E02F313F4BA69A428B314B77C708CAF367@xmb-aln-x12.cisco.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <7E1636E02F313F4BA69A428B314B77C708CAF367@xmb-aln-x12.cisco.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <70181507-3E70-4DED-9E74-2F61CBF63F50@mit.edu>
X-Mailer: iPad Mail (10B329)
From: Uri Blumenthal <uri@MIT.EDU>
Date: Fri, 09 Aug 2013 08:28:39 -0400
To: "Klaas Wierenga (kwiereng)" <kwiereng@cisco.com>
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprOKsWRmVeSWpSXmKPExsUixCmqrFv9gCXIYP03Noudf6ewWMz0tJjx ZyKzxdlfTBYfFj5kcWD1mPJ7I6vHkiU/mTxmf2tl9Phy+TNbAEsUl01Kak5mWWqRvl0CV0b3 j1fsBXcFK1Zs2cvUwDiVr4uRk0NCwESi6V4HE4QtJnHh3nq2LkYuDiGBfYwSl6etZwdJCAls YJQ4/ykCwt7LJPHmPxdE0W1GiU8nrrB2MXJw8AqIS1w96ANSwyngK3HrWx87SJhZQEdi8kJG kDCzgLbEsoWvmUFsXgEriZYVH9hBxjALvGOU2LrzOiPEETISm7c/BtvLJqAk0dy8hRXEFhbw k/g3bT+YzSKgItG89i3Y0SJAD+xe9oltAqPgLIQrZiFsnoVk8wJG5lWMsim5Vbq5iZk5xanJ usXJiXl5qUW6hnq5mSV6qSmlmxjBYS7Js4PxzUGlQ4wCHIxKPLwntjAHCbEmlhVX5h5ilORg UhLllb/DEiTEl5SfUpmRWJwRX1Sak1p8iFGCg1lJhHf7BKAcb0piZVVqUT5MSpqDRUmc9+nT s4FCAumJJanZqakFqUUwWRkODiUJ3tL7QI2CRanpqRVpmTklCGkmDk6Q4TxAw+1AaniLCxJz izPTIfKnGHU5Js2d/4lRiCUvPy9VSpy3HaRIAKQoozQPbg4sPb1iFAd6S5hXDKSKB5ja4Ca9 AlrCBLRk+mGwJSWJCCmpBkYNM/myKZy5njPjbz9V2qj2Zxfv9p2itx7N2Pyp6vnS2WyyeyZ7 ewTyTzNTYbVXKNmXLL/jQ8/jPQERBi9m/L0kZmg7gW9PktahRwtnC0/K+FvaneFVmvnHbIOk SUPl8tbTFtJzZq966tRv9PycyZ3z6h3Zpf7OoSefKn5fqDbbJ+Ot7eQ7pWFKLMUZiYZazEXF iQDXUiUwKgMAAA==
Cc: Sam Hartman <hartmans@PAINLESS-SECURITY.COM>, "draft-ietf-karp-crypto-key-table.all@tools.ietf.org" <draft-ietf-karp-crypto-key-table.all@tools.ietf.org>, The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] Secdir review of draft-ietf-karp-crypto-key-table-08.txt
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Aug 2013 12:28:56 -0000
IMHO, yes - a KDF must be one-way. Including "key-stretcher" functions. TNX! Sent from my iPad On Aug 9, 2013, at 4:48, "Klaas Wierenga (kwiereng)" <kwiereng@cisco.com> wrote: > Russ, Sam, > > On Aug 7, 2013, at 5:58 PM, Sam Hartman <hartmans@PAINLESS-SECURITY.COM> wrote: > >>>>>>> "Russ" == Russ Housley <housley@vigilsec.com> writes: >> >> Russ> Klaas: The property you describe depends on the inputs to the >> Russ> KDF, not just the definition of the function. >> >> Russ> Notice that an IANA registry is defined, and each entry should >> Russ> point to a definition of the function. >> >> So, there are a couple of things. >> There are functions that take a random bit string and convert them into >> a key. For example if you have 56 random bits and want a 64-bit >> correct-parity DES key. >> >> I don't have a good name for such a function but it's not a KDF. >> >> There are functions that take the output of key agreement (DH, ECDH, >> etc) and convernt into a good symmetric key. I've heard those described >> as key expansion functions or KDFs. >> >> There are functions that take one symmetric key and turn it into another >> symmetric key so that you can construct a key hierarchy. I've also seen >> these described as KDFs. It's probable that any function that's really >> good at taking key agreement output as input and producing a strong key >> will also be good enough for establishing a key hierarchy. >> >> I'm not aware of definitive definitions in this space, and I'm fairly >> sure the text we added in 08 is what we mean for this document. > > OK, I don't argue that this is what you need at all, so no argument there. The only question I raised is whether one-way is a necessary condition for each and every KDF. I would argue that key stretching not necessarily means one-way . > > If you add "in this document" somewhere in the definition I'd be happy, if you don't, no big deal either. > > Klaas > > > > _______________________________________________ > secdir mailing list > secdir@ietf.org > https://www.ietf.org/mailman/listinfo/secdir > wiki: http://tools.ietf.org/area/sec/trac/wiki/SecDirReview
- [secdir] Secdir review of draft-ietf-karp-crypto-… Klaas Wierenga (kwiereng)
- Re: [secdir] Secdir review of draft-ietf-karp-cry… Russ Housley
- Re: [secdir] Secdir review of draft-ietf-karp-cry… Sam Hartman
- Re: [secdir] Secdir review of draft-ietf-karp-cry… Klaas Wierenga (kwiereng)
- Re: [secdir] Secdir review of draft-ietf-karp-cry… Uri Blumenthal
- Re: [secdir] Secdir review of draft-ietf-karp-cry… Uri Blumenthal