IETF Logo Mail Archive

Re: [lamps] [EXTERNAL] Re: PQ-composite OR or K-of-N logic

Mike Ounsworth <Mike.Ounsworth@entrust.com> Wed, 27 April 2022 13:50 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7ADCEC23BED7; Wed, 27 Apr 2022 06:50:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PA7JZXW0aLG6; Wed, 27 Apr 2022 06:50:25 -0700 (PDT)
Received: from mx07-0015a003.pphosted.com (mx07-0015a003.pphosted.com [185.132.183.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3A82FC23BEDA; Wed, 27 Apr 2022 06:50:21 -0700 (PDT)
Received: from pps.filterd (m0242864.ppops.net [127.0.0.1]) by mx08-0015a003.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 23QLX78D019142; Wed, 27 Apr 2022 08:50:18 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=mail1; bh=dtk6OIJFbliudtPS4Bxl9STnhu9DTYoN4T27diGzJcI=; b=ADm+JddJG5OYVH4xxp7I6jsuJnB4VPlx0GmYienJsq90dJyZGLX+/WyGBZeMQa9eemhh xh/oXPJw/2x+s8kQ8xFeABmSt++/qgdUXVY6qHHFaej/mB0+glITQrlwMUturtsG49F2 RTJSwMO8O9VfVJdu9jipCprtr0XOYKsb7ME6xXR/5GmIWjxjQ0De4gX8bZqMo/nlHmPG Ml46FYazuq6+DeJGo00m3s11idV3DvPFQdKxdfEV8x0ph2LKl26rwLA6ogYUqczhhSBY TTLunSM6iR9Tb7UFsOwKXgx+ifbO4FcWDgMUqTqbAjWy3fJkTfu56Uz3jngyoCRjL6q+ 3A==
Received: from nam02-bn1-obe.outbound.protection.outlook.com (mail-bn1nam07lp2042.outbound.protection.outlook.com [104.47.51.42]) by mx08-0015a003.pphosted.com (PPS) with ESMTPS id 3fprrhswth-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 27 Apr 2022 08:50:18 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RgwL+uPPxRoOqvCNGt6uZ5r4smG3cJrA4uIhggOC41L144c0WdFYOF0bQTN4bJPuH7up6Z4qIN+Rj6CevUDEyWFnc5QQdLYIekFaLyF3mIB4Vtl2sjUOBxosk/bjBz7aT3c/C2Nr7VeGGxgT0R5fmXlgjpf/WRRv80lnmMLbjdd3wjiKor8Krg+A++pHkuavD7fq0m35EQ5hAOh+UBrsvPwH3GEo882qgTKYVC0aNE4ieIEKLnKHPdaFHUr8rpL67LwS3ceAc0lVF2O6yTsfi66pV0mwT2FgZVp2RpQwjmAQoIBICGRpDmFvlR/k6bd1E1LGvyM9qt6RbIgk1ZPYqw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dtk6OIJFbliudtPS4Bxl9STnhu9DTYoN4T27diGzJcI=; b=TAdPXUaiaflQr9tMryIDZfc9fHP00V6fNIaBjjQ5TFkwXvjt5nyFk4NS3pCUWfUqxD2jJ/AzjoO0/DrLz4ycViIq7iz/Ga7LmLxp/REpcj8gOWOIrXY/oGtlLRtCpM9HVSgUgf1hNVgbB1vTf1acUrWiov/CFPE0IXg0L286euVnMdms/3HsFKmxZXsw+zqmBQkkkLoK22BeWeTFznHpcM7rh5sDTO8pZJD2XICVRz7+WH6Hpf0n7WudcRvPJNRuF4ESjAFN4e0Jjep7KDH/0pgaVeNsgJL3UtWMSWo9TYXukfGRw6rCpBpt3cr1tXss7id0ksMgvprKA0xDtb3Pog==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
Received: from CH0PR11MB5739.namprd11.prod.outlook.com (2603:10b6:610:100::20) by BY5PR11MB4466.namprd11.prod.outlook.com (2603:10b6:a03:1c8::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.15; Wed, 27 Apr 2022 13:50:15 +0000
Received: from CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::b92e:47ec:21f6:b602]) by CH0PR11MB5739.namprd11.prod.outlook.com ([fe80::b92e:47ec:21f6:b602%8]) with mapi id 15.20.5186.021; Wed, 27 Apr 2022 13:50:14 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: "Kampanakis, Panos" <kpanos=40amazon.com@dmarc.ietf.org>, Michael Richardson <mcr+ietf@sandelman.ca>, LAMPS <spasm@ietf.org>
Thread-Topic: [EXTERNAL] Re: [lamps] PQ-composite OR or K-of-N logic
Thread-Index: AQHYV31t/hvtLn8pOEGCGPc55L9mZ60Dyvpw
Date: Wed, 27 Apr 2022 13:50:14 +0000
Message-ID: <CH0PR11MB5739266C7EE710B6FB0B8AE99FFA9@CH0PR11MB5739.namprd11.prod.outlook.com>
References: <f2fb2b2459fe42818348838eb14cc2ac@EX13D01ANC003.ant.amazon.com> <29E39FB1-D8E5-40E9-AFC0-5A8EBBB705DF@vigilsec.com> <DM6PR11MB38025338B4FA3AED0AA99E3196F79@DM6PR11MB3802.namprd11.prod.outlook.com> <1312783.1650733573@dooku> <423419504256427b83c889f9b5c607b7@EX13D01ANC003.ant.amazon.com>
In-Reply-To: <423419504256427b83c889f9b5c607b7@EX13D01ANC003.ant.amazon.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2d60d132-e75c-4010-8c7f-08da2854db4b
x-ms-traffictypediagnostic: BY5PR11MB4466:EE_
x-microsoft-antispam-prvs: <BY5PR11MB4466E7A65CB54E30B8D4D7F49FFA9@BY5PR11MB4466.namprd11.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 5ng5cfNATc3D2qrLo2XgUuIPWKgmkrRy3OcJr/umFWS33VTmgh1iPz4EyQ4avzk573UjD3TqupjiTbc9ZcVbhavA4bwimHk93bDBemww7+BVfxw3FGRFgF4uwR0K7jNDerGWkeLDFGWI6CKHy2FEOeczb3qdOSrcltdBbS0of9AMJOkCkd75x+RJ9DIBa4oqsqTitXDix/oTywINnmxtQrwZHJyRS6afpEK8xl8FIMHbnQflUUNn/BC4o+Fyeww8vM6cCkiQjj5W4bgQOfOpjnFqngbXz7RdOq2x9Ibm4Hm45oebiNA+j6chXU+tmzOa+aH3sHBNFQQBdvOeRrAB352A8Ls3NZpCC8S9EKVXEqlFQ4tYWVv9OFVbwY6hATwUoj4kVjCHqjEbqoICt/h6GLJkhobdKNpGyhFT5qBOf/asvAzWU7v+fI5Obj7RizaUIjmh79kJ2cSTiXZtmdM6Sljz0YicY/r2emGGI9DZDQOwmk1qJTc+jaGzYJ0Iaouob5s2oTwQJwXUfLosXlAc1FejmhTT7bZZ9ITAhzR57tGVgQIM42ScBWN8GJH1JfQxu/KIm/17hbwve73GZ+oeqXyN7uIGiZ9xAGbhwGNMu+/aT0vhsnYhWigspIcoHT5kniHo6eQKrV7SnHYZqYFrHUF/ydEnUALaQwvZ6hli7aOs4A7MUkl8CQ9vu7DS51m07gModVWo2Rmdit2GzH0jqVNWTIY9pVFodwteBgVo6PGSCU12kwwXeSo5ttR8c04Fv94afm+YcUR05wA8bmX+CJYh2W/Q0jsUJPOubscXG74=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH0PR11MB5739.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(38070700005)(186003)(71200400001)(66476007)(38100700002)(508600001)(33656002)(55016003)(966005)(110136005)(316002)(83380400001)(122000001)(8676002)(8936002)(52536014)(64756008)(86362001)(76116006)(66946007)(66556008)(66446008)(5660300002)(7696005)(6506007)(53546011)(2906002)(9686003)(26005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 9qqyyiVxaK1gX8xTv9aQ2v1z6IcshD/oUv8lDQa9lrYBn8OyR+GFwSk7YnJNF/PcxZTWxhItf4dZ0fqIBv1Q7Rq9LjN+msmrq96wlx+X337Tm/1VB3qi+erGx5xvUSDzsp7GZwoiUjtXudq1/0hwKoRkTytbJ0yIOxU+LODKgi8JKb4UBmFYpGOr01UuTj1fQhbfIWQvn0woBmhkSmNHy1kgkX1KpBg7a3Ys088inozEa4T6AcEqAeslqBCZu0Mke5KdTWUMfpeqSWfVo49mRSVIXcG1VtUV3o6tai0y7gmRdvWsmfArE+fuiu0Uesef781zNvo6fO3UFLSZn6WGMS/0gzEyrMAMNiXP8j7gVmLjc/QsIQBtGWbmH4ImZl4N3+dAovr/z59MMlKTADBaOsP1vzg7kY1msg4m0vtD9ilO6cAwk2VdieBBc2sfoo7yQBCOMNpvXAQULlB6Q2V8S9AOXGncxhqybd5UAJGqAfS70RO8eNVxRLyBMNmDflL9WS4wI3QKdnY7GWusWfiP5AY01/cpS9fi0Nck8c+t6JmzwcbPmef0sRBhtcQ2OcXuZFtDp7lXVYMRV5eNb18Js12ymimOPRtIp8qvXrQOTd4eadmy8Iw4cDC7CtBPS5c8Qh+ymP/AIdiVgKb6oYetBAPI9Z6LtKA0lS3OhsqQJNkweiOoRPMRDWyQ8cj5xJql00L82czp+vboEeWX+06BUojFWRBVG3o5cjNYBxX9xPcgRu62gKAQ3fJhZQmHpAmsjPQFjnSDb8gV63J7DDnzextWxz51x4H49sg2Y+3N1AvDYkjzSBFntTW0QgzDExzOAc6bLHbobgZfROIZkihMwaXpjwpx9URlO4sWbAZgaH4lG3JDQSxOVhgIUjWOnpOhPtyX3tQWVP6VEQbmgNL+ql4DimDhiZURgMQOH4u66skD8U/N5JtZu45YK5iINmRJjhRiTkfrgjiuoYO6HMyhsPEN0fNyqUzbifznM8OwccTL57m6oolLd1NnfcsKDGwIynsKLGiVKodrNUY2bsvA727tiNz9H4SsApA2x1bvR3IasHMTAo76AXD0Wsmw2H5c+MDuVJ5MEg7OHHolBGMCjzVbozUCGJn2wUWM+1qVnUuECeu8k0PxVSqdLcG+3W8wI+g6CEhwrN5eX51vxt0uMvE6YhKEBuEqEsENqmBGrdDOEFXRqLrZ+kgt8jRq8bwK53kg2+MwinMp0tLLfthVjEofJNysqOJgeZtXhY86hNuxyzWilph3xPUIKWswpSTz6mlsQfzEGWlxwIK3QWO7om8VlmNijCbcEkclqnwMAoRFEpDYwgvliotBY7gBinohZgcrpEpIDYIIa0SnIEKVDnP+ilphQZwwS8ECk/SgYPJ8dws39L4mIdHlEb6fl7pQj3VQ/Tx8wj4Qcj0qL0UDW3IApPFgE1MKjKu1ya6bcSbatSBhtUhPbj+dm47zHtnlTuRexuCfaM/n/QOIxb5aGe27ogBPW0oNETqOaPXqdY7XrsEjsts1dBSrDUJm/uD9y4swq5l2INl2uK/HiLDLqhFnmBbQkpN3BdR1ybC266YpwDD6goEQ6CsASVdsB0CZ6155SzWJ4RLoiX0CBF07xD3PQlbRvRDbPRU5TewtVL5omgTxItbInW9kFI9VLCFUpnip7Hwz4AMxcptiFvXq9rkqW1kjPKb0Yl/G9tbvgbEiJLSGI2cvgF5xK5eag17e3l/eIqNjMCYzsOPmvq2JO+wA6O2orApsF/yw2JLHCMI=
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH0PR11MB5739.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2d60d132-e75c-4010-8c7f-08da2854db4b
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Apr 2022 13:50:14.7559 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 4oPpXiNbKzGDLnK1mLKtovrQvz6p4ru2IfGEFwrR/10dCpRCJ2TVlPsfDLbttwAQKI1JEHATq77v1sVclhJBt39Dr6FEzD8N9wWV6UNnDdk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR11MB4466
X-Proofpoint-ORIG-GUID: pDHyNbQxdjZ04e26F1Pziv524UyQ1BAr
X-Proofpoint-GUID: pDHyNbQxdjZ04e26F1Pziv524UyQ1BAr
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.858,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-04-27_04,2022-04-27_01,2022-02-23_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=0 phishscore=0 mlxlogscore=686 malwarescore=0 mlxscore=0 spamscore=0 clxscore=1011 priorityscore=1501 adultscore=0 bulkscore=0 lowpriorityscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2202240000 definitions=main-2204270088
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/_CUcyzsrAvBLPRuQ5e0gOVybOnI>
Subject: Re: [lamps] [EXTERNAL] Re: PQ-composite OR or K-of-N logic
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Apr 2022 13:50:29 -0000

Panos,

> The only way to avoid a flag day is to negotiate

Careful with this thinking; there are things in the world besides than TLS and IKE; How does one negotiate with an S/MIME encryption cert that you find in a directory, or a signed firmware binary that you're trying to verify in a bootloader?

---
Mike Ounsworth

-----Original Message-----
From: Spasm <spasm-bounces@ietf.org> On Behalf Of Kampanakis, Panos
Sent: April 23, 2022 8:48 PM
To: Michael Richardson <mcr+ietf@sandelman.ca>; LAMPS <spasm@ietf.org>
Subject: [EXTERNAL] Re: [lamps] PQ-composite OR or K-of-N logic

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.

______________________________________________________________________
Hi Michael,

Both OR or AND are not backwards compatible. The new OID (regardless of OR or AND logic) will not be understood by verifiers that have not been upgraded. Not to mention that verifiers that don't understand composite will not want to see the extra data which could slow down their communications.

The only way to avoid a flag day is to negotiate; if the verifier understands the composite signature give it to it, otherwise just give the classical.







-----Original Message-----
From: Spasm <spasm-bounces@ietf.org> On Behalf Of Michael Richardson
Sent: Saturday, April 23, 2022 1:06 PM
To: LAMPS <spasm@ietf.org>
Subject: RE: [EXTERNAL][lamps] [EXTERNAL] Re: PQ-composite OR or K-of-N logic

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.



Serge Mister <Serge.Mister=40entrust.com@dmarc.ietf.org> wrote:
    > As I mentioned on the call, I'm not fully convinced that deciding which
    > signatures a relying party must verify is entirely a decision for the
    > relying party.  When an entity obtains a certificate from a CA,
    > signatures verifiable with the certificate are attributed to the entity
    > named in the certificate.  The certificate holder then wouldn't want a
    > weak key bound to their identity.  If a composite key can be used in
    > "OR" mode, the key is weakened when any of the algorithms is weakened.

Yeah, but we need this OR mode to operationally be able to deploy.

Yes, it true it could be subject to a bid-down attack against the weaker algorithm.  But, this is where the verify policy does matter.  Bid-down attacks only work when both parties have open policies.
Until there is there is a clear attack, there isn't a weak algorithm.
But, when an attack becomes known, verifies have to change their policies.

Without the OR mechanism, we wind up with a flag day where all signers and all verifiers have to upgrade within a renewal/CRL-signing epoch.  That's just not practical.


--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works  -= IPv6 IoT consulting =-



_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/spasm__;!!FJ-Y8qCqXTj2!eYg4o3sJSa0JPjal6u8JoCpp2muoZIeEzWZeCQaNvTwTHqd82T6AICxzCjuYwLtYmEgXZ_fMnGE9BVUKmthW_R3LWu9mQtK4jdLRO-DmyA$
Any email and files/attachments transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.

v2.23.0 | Report a Bug | By Email