Re: [Secdispatch] Some Experiments: TLS, PQ and Key Exchanges

"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Tue, 19 November 2019 04:37 UTC

Return-Path: <pkampana@cisco.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A28DA12008A for <secdispatch@ietfa.amsl.com>; Mon, 18 Nov 2019 20:37:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.499
X-Spam-Level:
X-Spam-Status: No, score=-14.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=km3FGcGH; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=CZgg6aYA
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6boWB4clewii for <secdispatch@ietfa.amsl.com>; Mon, 18 Nov 2019 20:37:47 -0800 (PST)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C7F2C12006F for <secdispatch@ietf.org>; Mon, 18 Nov 2019 20:37:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=19155; q=dns/txt; s=iport; t=1574138266; x=1575347866; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=su885bJsfT6xZKZwaAHJri3+3hck1Hr/ob1dUP4l5JM=; b=km3FGcGHlVOmwDpi9xtsEfGN+1+xCKC9GlDR9wzr5FArE5qNOgJHfQpn 3v5irT3+x733hDkRKAvbdaPk5SrUMwSm3vEJLy+x3kFMRNY4tt62tvxB1 e9n6kEX1T2DwEY8okfK+yTM0dXIFq67hWLXsfHJgN1Nx4s6ns8x1mSZ0o 0=;
X-Files: image001.png : 3146
IronPort-PHdr: =?us-ascii?q?9a23=3AMpezXh/tETAiCv9uRHGN82YQeigqvan1NQcJ65?= =?us-ascii?q?0hzqhDabmn44+8ZR7E/fs4iljPUM2b8P9Ch+fM+4HYEW0bqdfk0jgZdYBUER?= =?us-ascii?q?oMiMEYhQslVdaGAEjjJfjjRyc7B89FElRi+iLzPA=3D=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0ANEAAvcdNd/4oNJK1lHAEBAQEBBwE?= =?us-ascii?q?BEQEEBAEBgX6BHC9QBWxYIAQLKoQqg0YDinMUOoIQkx6EYoJSA1QCBwEBAQk?= =?us-ascii?q?BAgEBJQgCAQGEQAIXggwkOBMCAwsBAQQBAQECAQUEbYU3DIVRAQEBAQECBQE?= =?us-ascii?q?MEQIIARIBATgPAgEIEQQBAQYBAQEVDQICAgUQAQ4MHQgCBAERAQYCBg0HgwG?= =?us-ascii?q?CRgMuAQIMpVcCgTiIYHWBMoJ+AQEFgTQBg0kYghAHAwaBNowVGIFAP4ERRoJ?= =?us-ascii?q?MPoJiAgGBYhUWgmMygiyQE4VHgRKNVYJmhwYKgiqGAgGBF45QmhGNE4E1iDi?= =?us-ascii?q?RUAIEAgQFAg4BAQWBaSKBWHAVgnMBM1ARFJEag3OFFIU/dAELgRyMU1sBAQ?=
X-IronPort-AV: E=Sophos;i="5.68,322,1569283200"; d="png'150?scan'150,208,217,150";a="670467948"
Received: from alln-core-5.cisco.com ([173.36.13.138]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 19 Nov 2019 04:37:45 +0000
Received: from XCH-ALN-004.cisco.com (xch-aln-004.cisco.com [173.36.7.14]) by alln-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id xAJ4bjIq005653 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 19 Nov 2019 04:37:45 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-ALN-004.cisco.com (173.36.7.14) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 18 Nov 2019 22:37:44 -0600
Received: from xhs-rtp-001.cisco.com (64.101.210.228) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Mon, 18 Nov 2019 22:37:43 -0600
Received: from NAM01-SN1-obe.outbound.protection.outlook.com (64.101.32.56) by xhs-rtp-001.cisco.com (64.101.210.228) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Mon, 18 Nov 2019 23:37:43 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MUAGadJHqHM8t8W9mf/MNpclUVVhjTd91S1Dg5gR1ID4NMLzTchP0umxIxU5ZLetHtfmCXRIV+QvaJl1hw+nOnrzBULjPY4YLlE2UNlagJ/puOFhn7+MPLJgHw1qdC+oSDxZkEh6cZnNEpIubBThi1bEqK5FCB0bEtwgxSRaILSjzSlH2GJkthOnb7sa5hsP8WjxZKuWn4JSJ/Fx1ZUgM2EUPFrGG9J9I8PkJDgz4y71UzRQlp3P81vf4gNzkMNXRQVqpOp53p46n+nuYR9hNwjXL52eQZt/FfEClwbA5vjPOCj4rpY6v3aRUMJr1xw7oXM4Z623o4jQn1j6xDpS6Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=epwBUN7nSfO8LgC/bqHq3WwFAQvY3usioqEEeof+B8I=; b=lATOi5z08YNFzS+AJdiHy7T8llef2f3P7AtUI9vTljIQ8GVaV53E1h3zxh9Lpw1+0w+Jt0UZOzk7WX6onTK7135EcOCDFfH8sHxmzAZ57Ok/59WXSl3BXtsZYZReDdZtT69/v5Cuu0TTOG03FiPMmezpA6Z3M1buT1+gJcGNsHqxwvR6KzuzsWYCFzIEzWxsHnpcrdsb8gMJfWBm8kMWEVERwdZi7dkZbM1eibemri4qFMkNTzZmJserulEICjDYCMLAOCAleOyKrScIj0sqZEsAptwxUGzc32oXOZa/LTeeAxRsDjSi/rPOjlDLXyOEPyQpRzOfk3XdrHRuxUEnwQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=epwBUN7nSfO8LgC/bqHq3WwFAQvY3usioqEEeof+B8I=; b=CZgg6aYAMsnDo9LJaikNLD64dAdDtb9OHWcVvpu6e8owl/2hlJFE6uLC3dF8TFMsFXVUlxFS27eN+DgjwyD/aXC3L8dzEXA+vaEfCug0BzTWaaRcvEO40lsoUHVoTFwTrdkDDnYVigsgay+45CujImKzySPngy19PUVbQ9JZpxA=
Received: from BN7PR11MB2547.namprd11.prod.outlook.com (52.135.255.146) by BN7PR11MB2706.namprd11.prod.outlook.com (52.135.245.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2451.28; Tue, 19 Nov 2019 04:37:42 +0000
Received: from BN7PR11MB2547.namprd11.prod.outlook.com ([fe80::5c82:bb6a:d0f0:b802]) by BN7PR11MB2547.namprd11.prod.outlook.com ([fe80::5c82:bb6a:d0f0:b802%6]) with mapi id 15.20.2451.031; Tue, 19 Nov 2019 04:37:42 +0000
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: "Dr. Pala" <madwolf@openca.org>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Thread-Topic: [Secdispatch] Some Experiments: TLS, PQ and Key Exchanges
Thread-Index: AQHVno1IyPKMny1hpUKMti+Y6vGIdKeR5viw
Date: Tue, 19 Nov 2019 04:37:42 +0000
Message-ID: <BN7PR11MB2547C248843270686E52C335C94C0@BN7PR11MB2547.namprd11.prod.outlook.com>
References: <de8f76fd-244a-8cd8-659e-36544a3df2bd@openca.org>
In-Reply-To: <de8f76fd-244a-8cd8-659e-36544a3df2bd@openca.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pkampana@cisco.com;
x-originating-ip: [2001:420:c0c4:1006::94]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 562fd33a-d975-463a-cea0-08d76caa3780
x-ms-traffictypediagnostic: BN7PR11MB2706:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <BN7PR11MB270677556B5EA2F364C85723C94C0@BN7PR11MB2706.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 022649CC2C
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(366004)(346002)(376002)(136003)(396003)(199004)(189003)(316002)(55016002)(7736002)(606006)(6306002)(54896002)(9686003)(236005)(33656002)(6436002)(6246003)(86362001)(733005)(14454004)(6116002)(229853002)(478600001)(2501003)(71190400001)(71200400001)(76116006)(966005)(25786009)(110136005)(186003)(74316002)(8936002)(76176011)(7696005)(99286004)(81166006)(256004)(8676002)(790700001)(81156014)(14444005)(476003)(66616009)(64756008)(66446008)(66946007)(66556008)(66476007)(5660300002)(52536014)(46003)(2906002)(486006)(6506007)(53546011)(446003)(102836004)(11346002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN7PR11MB2706; H:BN7PR11MB2547.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 0lxGD4PdTuO81VK4Sz2HTfV+IzRinzjtLHK7jEgOopeMC3wxjEcLQjuqkSC5yvy8JBttGx5jxthUOzuYmRWVkvJz2IX+W/Jdtgq5mH3Iispt74k8AFbTTlB0ZXcnlwHVyCPvl8TabFwfqAqN03jSz5dkfk1sVu38sLztCB+unw4WV0JuCWAjfkcnttKJmVMdDTCrm6MDRay2ZKWTUTZqoNvzfu49PndaFrSq0Fx52aYVr8iuYMCkaiOYHZJT1olyimrgi60PWbgweypN7KZX77tF7l9n/u9nlPpEHBDMzyd2auTgT4kAMmHqVacxWOLyL6kVz0XTtCYINDoejNhmCq3SrXb4wkk7zP65m7c4jp32P/VaCAavd8G1bw6Ppu2yZIeATVrxu/OQns7DE6F1S5IaVNWz8MKdbNrK4WmrQQeaOWAP8kkgBEA7zsARh454gWciCHjXKzi6b70EnF1NnFYxtSToS6up1aJxCcnAsYM=
x-ms-exchange-transport-forked: True
Content-Type: multipart/related; boundary="_004_BN7PR11MB2547C248843270686E52C335C94C0BN7PR11MB2547namp_"; type="multipart/alternative"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 562fd33a-d975-463a-cea0-08d76caa3780
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Nov 2019 04:37:42.5674 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 0xWpGkRr0E/XAMwbL/fJHCK1Fg4AV9rYGvPXXls0l0lsaVJqmKb+O7TffWN7xN90KhkvIl8eUhuOXzsNGCsmgg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR11MB2706
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.36.7.14, xch-aln-004.cisco.com
X-Outbound-Node: alln-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/R6cvrATAbftcfhFK-TJresLcKpo>
Subject: Re: [Secdispatch] Some Experiments: TLS, PQ and Key Exchanges
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Nov 2019 04:37:52 -0000

A little closer to what you are referring to Max, in Section 4 of https://eprint.iacr.org/2019/1276.pdf we share our preliminary experimental results with PQ signature certs in TLS 1.3. We found that two NIST signature candidates seem the best. All others introduced extra round-trips because of the chain size not fitting in the TCP congestion window and would not be satisfactory for latency-sensitive applications.

There is more detailed work that we have not published yet, which includes much more detail than the above paper and proposes some more solutions. Will share it in due time.

Rgs,
Panos


From: Secdispatch <secdispatch-bounces@ietf.org> On Behalf Of Dr. Pala
Sent: Monday, November 18, 2019 10:56 PM
To: secdispatch@ietf.org
Subject: [Secdispatch] Some Experiments: TLS, PQ and Key Exchanges


Hi SecDispatch,

I just wanted to share with you some interesting results for "large" keys vs. computational intense algos and TLS that was recently published in two different blog posts - one from Amazon and one from Cloudflare:

  *   https://aws.amazon.com/blogs/security/post-quantum-tls-now-supported-in-aws-kms/
  *   https://blog.cloudflare.com/the-tls-post-quantum-experiment/
definitely worth reading :D Maybe the situation for TLS and large keys in certificates might not be as bad of an issue as initially thought... :) ... ???

Does anybody has any comment ?

Cheers,
Max

--
Best Regards,
Massimiliano Pala, Ph.D.
OpenCA Labs Director
[OpenCA Logo]