Re: [lamps] Fwd: New Version Notification for draft-housley-cms-mix-with-psk-00.txt
"Panos Kampanakis (pkampana)" <pkampana@cisco.com> Mon, 13 November 2017 21:53 UTC
From: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
To: Russ Housley <housley@vigilsec.com>, SPASM <spasm@ietf.org>
Date: Mon, 13 Nov 2017 21:53:44 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/J7BQdC7-b-qR5aVVTYqE-ccKU2s>
Subject: Re: [lamps] Fwd: New Version Notification for
draft-housley-cms-mix-with-psk-00.txt

Hi Russ,

This is a useful doc. It resembles the IPSECME work for IKEv2 as a temporary solution until NIST comes up with new public key crypto algos.

I would suggest being more prescriptive on the KDFs, the entropy and the key sizes so they are long enough (at least 256 bits as you are suggesting with AES-256) to be resistant against a quantum computer.

Panos

From: Spasm [mailto:spasm-bounces@ietf.org] On Behalf Of Russ Housley
Sent: Monday, November 13, 2017 10:16 AM
To: SPASM <spasm@ietf.org>
Subject: [lamps] Fwd: New Version Notification for draft-housley-cms-mix-with-psk-00.txt

People on this list may find this new I-D interesting,

Russ

From: internet-drafts@ietf.org
Subject: New Version Notification for draft-housley-cms-mix-with-psk-00.txt
Date: November 13, 2017 at 10:14:32 AM EST
To: "Russell Housley" <housley@vigilsec.com>, "Russ Housley" <housley@vigilsec.com>

A new version of I-D, draft-housley-cms-mix-with-psk-00.txt has been successfully submitted by Russell Housley and posted to the IETF repository.

Name: draft-housley-cms-mix-with-psk
Revision: 00
Title: Using Pre-Shared Key (PSK) in the Cryptographic Message Syntax (CMS)
Document date: 2017-11-13
Group: Individual Submission
Pages: 11
URL: https://www.ietf.org/internet-drafts/draft-housley-cms-mix-with-psk-00.txt
Status: https://datatracker.ietf.org/doc/draft-housley-cms-mix-with-psk/
Htmlized: https://tools.ietf.org/html/draft-housley-cms-mix-with-psk-00
Htmlized: https://datatracker.ietf.org/doc/html/draft-housley-cms-mix-with-psk-00

Abstract:
The invention of a large-scale quantum computer would pose a serious challenge for the cryptographic algorithms that are widely deployed today. The Cryptographic Message Syntax (CMS) supports key transport and key agreement algorithms that could be broken by the invention of such a quantum computer. By storing communications that are protected with the CMS today, someone could decrypt them in the future when a large-scale quantum computer becomes available. Once quantum-secure key management algorithms are available, the CMS will be extended to support them, if the current syntax does not accommodate them. In the near-term, this document describes a mechanism to protect today's communication from the future invention of a large-scale quantum computer by mixing the output of key transport and key agreement algorithms with a pre-shared key.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat
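
Added example, not part of the original message or of the draft: one way to mix a public-key-derived secret with a pre-shared key through a KDF while enforcing the 256-bit PSK floor suggested in the reply. The HKDF-SHA-256 construction, the function names and the context label are assumptions for illustration; the draft defines its own mechanism.

```python
import hashlib
import hmac

HASH_LEN = 32        # SHA-256 output size in bytes
MIN_PSK_BYTES = 32   # 256 bits, the floor suggested in the message above


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA-256: extract, then expand."""
    if not 0 < length <= 255 * HASH_LEN:
        raise ValueError("invalid output length")
    prk = hmac.new(salt or bytes(HASH_LEN), ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def mix_with_psk(pk_secret: bytes, psk: bytes, context: bytes) -> bytes:
    """Derive a 256-bit key-encryption key from both secrets.

    Assumed construction (not the draft's): the PSK keys the HKDF extract
    step, so someone who later recovers pk_secret by breaking the public-key
    algorithm still faces HMAC-SHA-256 under an unknown 256-bit key.
    """
    if len(psk) < MIN_PSK_BYTES:
        raise ValueError("PSK shorter than 256 bits")
    if not pk_secret:
        raise ValueError("empty public-key-derived secret")
    return hkdf_sha256(ikm=pk_secret, salt=psk, info=context, length=32)


if __name__ == "__main__":
    # Constructed sample values; real inputs come from key transport or key
    # agreement and from an out-of-band, high-entropy PSK.
    pk_secret = bytes.fromhex("11" * 32)
    psk = bytes.fromhex("a7" * 32)
    kek = mix_with_psk(pk_secret, psk, b"example-cms-psk-mix")
    print("KEK:", kek.hex())
    # Without the PSK, the recovered pk_secret alone gives a different key.
    guess = mix_with_psk(pk_secret, bytes(32), b"example-cms-psk-mix")
    print("matches without PSK:", hmac.compare_digest(kek, guess))
```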