Re: [secdir] Secdir review of draft-herzog-static-ecdh-05

"Herzog, Jonathan - 0668 - MITLL" <jherzog@ll.mit.edu> Tue, 15 March 2011 21:06 UTC

From: "Herzog, Jonathan - 0668 - MITLL" <jherzog@ll.mit.edu>
To: David McGrew <mcgrew@cisco.com>
Date: Tue, 15 Mar 2011 17:07:59 -0400
Cc: "secdir@ietf.org" <secdir@ietf.org>, "draft-herzog-static-ecdh@tools.ietf.org" <draft-herzog-static-ecdh@tools.ietf.org>, "iesg@ietf.org IESG" <iesg@ietf.org>
Subject: Re: [secdir] Secdir review of draft-herzog-static-ecdh-05

On Mar 10, 2011, at 3:41 PM, Herzog, Jonathan - 0668 - MITLL wrote:
> 
> From: "Herzog, Jonathan - 0668 - MITLL" <jherzog@ll.mit.edu>
> Date: March 10, 2011 3:41:52 PM EST
> To: David McGrew <mcgrew@cisco.com>
> Cc: Brian Weis <bew@cisco.com>, "draft-herzog-static-ecdh@tools.ietf.org" <draft-herzog-static-ecdh@tools.ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
> Subject: Re: [secdir] Secdir review of draft-herzog-static-ecdh-05
> 
> 
> 
> On Mar 10, 2011, at 1:12 PM, David McGrew wrote:
>> 
>> 
>>> 
>>> However, SP800-56A does define cofactor ECDH. So let me propose the  
>>> following citation scheme:
>>> 
>>> * ECDH in general: RFC 6090
>>> * Standard ECDH: RFC 6090
>>> * Co-factor Diffie-Hellman: SP 800-56A, Section 5.7.1.2
>>> * Full public-key validation: SP800-56A, Section 5.6.2.5
>>> * Partial public-key validation: SP800-56A: Section 5.6.2.6
>>> * Key-derivation function... still working on it.
>>> 
>>> Thoughts?
>> 
>> That looks good to me.  Let me know if I can help with the KDF.
> 
> 
> I'd appreciate it, thanks. One of the goals of this draft is to remain as compatible with RFC 5753 as possible, so as to impact implementations as little as possible. RFC 5753, for its part, specifies the KDF in SEC1. And the KDF in SEC1 is just the 'simple hash function construct described in ANSI X9.63'. So, do you think I can cite X9.63 as the normative reference? And if so, what are your thoughts on citing SEC1 as an informative reference for this KDF? SEC1 is, after all, freely available on the web.
> 
> (Note: I'm still chasing down the ANSI spec to ensure that it does, in fact, match the description in SEC1.)

Just to follow up on this: I got the X9.63 spec and checked its KDF. It's the same as the one in SEC1. Some very very minor differences in the description, but it's the same KDF.

Thanks.

-- 
Jonathan Herzog							voice:  (781) 981-2356
Technical Staff							fax:    (781) 981-7687
Cyber Systems and Technology Group		email:  jherzog@ll.mit.edu
MIT Lincoln Laboratory               			www:    http://www.ll.mit.edu/CST/
244 Wood Street    
Lexington, MA 02420-9185
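
The KDF discussed in this message, the hash-based construct of ANSI X9.63 that SEC1 reproduces, shown as an added example that is not part of the original e-mail or of the draft. The function name, the sample shared secret and the SharedInfo bytes are constructed for illustration; SharedInfo is treated as opaque bytes.

```python
import hashlib
import struct


def x963_kdf(z: bytes, key_len: int, shared_info: bytes = b"",
             hash_name: str = "sha256") -> bytes:
    """ANSI X9.63 / SEC1 KDF: K = H(Z||1||SI) || H(Z||2||SI) || ... truncated.

    z           -- shared secret (the ECDH x-coordinate as an octet string)
    key_len     -- number of key bytes wanted
    shared_info -- optional context both parties already agree on
    """
    if key_len <= 0:
        raise ValueError("key_len must be positive")
    hash_len = hashlib.new(hash_name).digest_size
    # The block counter is a 32-bit big-endian integer starting at 1,
    # which bounds how much key material one shared secret may yield.
    if key_len >= hash_len * (2**32 - 1):
        raise ValueError("requested key material too long for a 32-bit counter")

    out = bytearray()
    counter = 1
    while len(out) < key_len:
        h = hashlib.new(hash_name)
        h.update(z)                           # shared secret first
        h.update(struct.pack(">I", counter))  # then the 4-byte counter
        h.update(shared_info)                 # then SharedInfo
        out += h.digest()
        counter += 1
    return bytes(out[:key_len])               # keep the leftmost key_len bytes


# Constructed sample inputs (not test vectors from either specification).
SAMPLE_Z = bytes(range(1, 33))
SAMPLE_INFO = b"constructed-shared-info"

if __name__ == "__main__":
    kek = x963_kdf(SAMPLE_Z, 16, SAMPLE_INFO, "sha1")
    print(kek.hex())
```

Because the counter sits between Z and SharedInfo, this output is not interchangeable with KDFs that place the counter first (such as the concatenation KDF in SP 800-56A), which is why the choice of normative reference matters for interoperability.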