IETF Logo Mail Archive

Re: [lamps] AD Review: draft-ietf-lamps-cms-aes-gmac-alg-02

Mike Ounsworth <Mike.Ounsworth@entrust.com> Fri, 05 February 2021 22:02 UTC

Return-Path: <Mike.Ounsworth@entrust.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D224B3A0B58 for <spasm@ietfa.amsl.com>; Fri, 5 Feb 2021 14:02:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=entrust.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T4Za3_qbKGdL for <spasm@ietfa.amsl.com>; Fri, 5 Feb 2021 14:02:18 -0800 (PST)
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2120.outbound.protection.outlook.com [40.107.244.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDE6F3A0C43 for <spasm@ietf.org>; Fri, 5 Feb 2021 14:02:18 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=juFfgOIVbmprafZaQmBldx10Wdu3GwCL2aYHF0ql7nSGpOPCZZmsd5M4IACwNqJjRuMAZjPoyNXGe9FuNKoDbKJTBjD8/Sgpn1sOyE9MPu1MM6N+06m8UdFcPMspSqk/4FjRsw+mOz/iPwT9SrN4rMggbCH1XCxmLZE7B33sO0+GnNgbSyvd6Jqji3C1HYn1ahdXpKY+aaFxHkZQrBUkN0+6FcDYiqSuRscVdt76qqVHRQKAibDc3wxzU/oWeuqjMsNTc9JmGjGzDn1AQ6d8HBYW3f/xrWYL/bs+m1EYEi2jq4bbxTmB2VjlePBhIEhB2G75Ma5nKqMdJQ7ACEuXdw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dxSHvZskzgWpa01CD4WQNYHE5QsYUMPJaCGR1bBIYc8=; b=SNxlaOs3czQl0aoSN9aRKTk9EcMwR4/JflAojtuUFwBbBVkiFzhCphzh1LIn6pjopblHcDNxTy2JCDC7xDzDFQOEqTyvJTA6Re5wZGnauiTJM3BdkJkg5tLP3kWyMScc3BnB85I0I404EHLC+0+xxnpCToPAuw4ak7aP/I6jHS2zZLONtSvtwlRzT4/85vTu9GCKbgT+t9Ezd5usZkSmM4ylL+ueWGiCp6ysS28Wa5IDDoYdAynEwun/ZRSZhM2baypCEBVavOMk8gY/P5LogLEpkqKS9MmcJnHBl2b9Py9MSubwYMKAGsT4TjClIZCAzTvGW2BRHQRosENcXlBebg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=entrust.com; dmarc=pass action=none header.from=entrust.com; dkim=pass header.d=entrust.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=entrust.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dxSHvZskzgWpa01CD4WQNYHE5QsYUMPJaCGR1bBIYc8=; b=KvxOH6NX4fekw30/Y+E9Kk5yDZjm5lKm6PMy95BnItOKhKOjzDT2GPt5+T9BVjQ8g2zKgzTA6I06fJmIy9LKhN1r3X/vQj8+JPX1W5JP6m9lCZZn3RCaqEUog1pTT5APaRv2zrJPzHTDcY/oDcq81rZk+YBRbcPY7v+hYW9LVo9u5C1E7FJbM/6q70eaCmKKF4huNEHTs9JT0rlrPUb55+lgjZYIlIPvN6K02O/039rCkYtxayCGIhKdSflRxlq+yNbbBoHYHmBrxsqs0uEu2FRB49HMDFj6IZfQ/qt5e11fIqf+F10rUxFhStKKmwCJpdFrA128qs0cm7rz05Zbbw==
Received: from DM6PR11MB4380.namprd11.prod.outlook.com (2603:10b6:5:14e::20) by DM6PR11MB2665.namprd11.prod.outlook.com (2603:10b6:5:c3::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3805.27; Fri, 5 Feb 2021 22:02:14 +0000
Received: from DM6PR11MB4380.namprd11.prod.outlook.com ([fe80::a500:2ae3:a6c4:bc13]) by DM6PR11MB4380.namprd11.prod.outlook.com ([fe80::a500:2ae3:a6c4:bc13%4]) with mapi id 15.20.3825.020; Fri, 5 Feb 2021 22:02:14 +0000
From: Mike Ounsworth <Mike.Ounsworth@entrust.com>
To: Roman Danyliw <rdd@cert.org>, LAMPS WG <spasm@ietf.org>
Thread-Topic: AD Review: draft-ietf-lamps-cms-aes-gmac-alg-02
Thread-Index: AdbzfN5BmWxXMmZ4QHOOCC27Bji/LAGzEJdQAHBX5LA=
Date: Fri, 05 Feb 2021 22:02:14 +0000
Message-ID: <DM6PR11MB4380D0D1AC3F299F14329C689FB29@DM6PR11MB4380.namprd11.prod.outlook.com>
References: <0653df8b1e474cd98cc6e3f06ab69d6a@cert.org> <d4173e5ed4ae4c9498b809246a5fc424@cert.org>
In-Reply-To: <d4173e5ed4ae4c9498b809246a5fc424@cert.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: cert.org; dkim=none (message not signed) header.d=none;cert.org; dmarc=none action=none header.from=entrust.com;
x-originating-ip: [2605:b100:328:7547:401c:bca2:c551:3e5f]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3ecf5099-293f-41f4-bb7f-08d8ca21b254
x-ms-traffictypediagnostic: DM6PR11MB2665:
x-microsoft-antispam-prvs: <DM6PR11MB266568F0622270CF77BAEDDD9FB29@DM6PR11MB2665.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: qpKFCNWsZObZSvjDBMB2sVLl84v3OSPsyZ9aDnfN30ouMOx7OmHHstlvEJge7lNo0mtzq+QhXqFurIo4MI7Y9hT3D3yXn5uQSCKn9oNlGDNCmYtpppDzVjDSE02ZCRBzRRqFJ60krpvz/fAqtUVv/l7pdYxL2iv3HkE/hjpuZILrEYf4FVGLb5KWnn/ksoKXxXu4USbSoiwALRRxOE1YQIyDslEwccOfqdcXZCMX7qh75zY0y2nJpMqKrCfI8gA2+X7kb06tnr1x77euHO2Su/kQDq2BgKPrhW6l5NcQo+++1eXsTI7aOjDZYJlZYl0ohoUIYNgz4SH54WEosqm7HrBI+ZXilKAkMBewZZ0uYelSdGyqWR8MjEjsgjvgGpTZ5n/UifrpcA7Y3T0BnPUr7ujhEYulzAgJpbBebOlPgvoqnrNCZQgZUx1ShJhE6z3LCyor3z3kmF3N5c+BYMqxSU3at8l/UK23cOXByP+C1jiTNGsSRxQC5EFRVeM2B1shgLAiDvz7F2YMa5AKCtqcUoWGgMANw5O1NIqC0Vx6oKyq96Gt9o+8M7A7hXhmbgl1//XbJKpgt42czAz0KKByDaCaAkDV+jvbZG/T3CIhgTw=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR11MB4380.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(366004)(396003)(346002)(39860400002)(136003)(316002)(5660300002)(9686003)(6506007)(64756008)(186003)(2906002)(66556008)(71200400001)(53546011)(7696005)(86362001)(966005)(52536014)(19627235002)(55016002)(76116006)(478600001)(66476007)(83380400001)(110136005)(8676002)(66946007)(33656002)(66446008)(8936002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: smyH59p81elcISJCT+pmxEeal3k9hjXvIES5CqNjyw0eR9xjM9lXEAXNB7TE1+S0pO1AOAlB7cwWVPb4SvZFhfktnFbArTKoZY1xF9JXx+eTLWawV/cHEYf/hVa6jAPJ/QopPNR+BAisyR2d0ikjKBlhmMD2lHmRn6r6v1aHwIftc6BqdIR8MCSTkK+27A6cndI3syI6x3haq8Q781QUqdahbfzfVT0odzmVcNWYOE0jDixTg3jxB5xdpvf8RZZPShXpJsJzIDiHZ7W3SmTlDc78s2oTuVBoM9/oT32SeM3TBYHqOejnrEo8gOXsh4lN30Z82fiptQCCEie9WEnW/vsFKx93XBD1I/YRMq+4ly4VZqOuJ4PYGLsezt/Scky7ppMz90sNY1QaUus1z5puMv+fdeaff85HmqhYtXp9f2c0n+sdV34jLWcATDJU66P75N1Zk1YkZtnwTDkT4nlIXDfzWw/TCKPNw0Y+EexDm5s1BoaggJ7M/JN+1NH3CGNoVDyDOSae609srozT7tKZpUYf6r/I/FRfNfVTpV3CntWEL0X6cju3LKrZD5CmCQh4QSOvafdqnY9lq3JPOKpwlT9NEfvYEwxXna86mRMT7Bf1paAxlEkf42VerK54E0jpTgwbz+bSK84ElffXcqmXdZoX3qMobAxLbIZVKIq2jzqKcyi5d1u9W+eM7WSlUZ0VScj3ZA0/6ygQ9rcMV4a2k+8/DCADPjhghSWabDaXjdBlViij6AgC7dvRFpsK1AvIz7oOCbwoQr3ymx5J2Vl6L7wCokLlz6clVbvZVCehK0kdlZOBp/vG6Tfq0Ro4Tt7QXp+FhRkIUtMl36dajWKCuuQ9hGgvENBGtNEzbBzeJAbDhl+bA88OVl6xG+CaJBhzIL22nJh9cxjCR3nZWEV5rZlVIcJhhD5qMw9VoxPGveFnJsPs3tCqGTK5ebiP5yTlWYocl6o6N4ZWmZ/MZhAYtRF2/x62qL2TgBeS7/lul7sUHEjjuj25TElrta4NQLNL6Zvc+N+vrOI3WnCxowwOWnTvbU+PCI0/JYQxAa6RnFyQ1VYo2tazMlmA3znHhPaSZUj7Zm9/GDMRoKDZj/QX1B7bTT20NDc6co17SxuozTr5ngfmxVHAyz2VK/dpybAtGwYp1D1vTvYjl0w2yCPkfyV3QSYXvNfoRPk6cbZBLRFfJp+R6k/kn/9bTXhW243Yy5XzKA+VViKH8a+UKfJ+/P12oqrrf1DT49UxDVRoSOz/KbnTh0GezrDAu3ZXpscKRR3QuokPL1sdsXn0oYIW0AWo6c9Wco6aPgjLS/CcyIWK+3SOHUViXCcKDPSXJ83iQ0fwTaIeqbfLGrmW0bI4iRqqAHWFBeuLOFGl4O8zrCJHCGotHbcmY4QeqepuaH3j
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: entrust.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB4380.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3ecf5099-293f-41f4-bb7f-08d8ca21b254
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Feb 2021 22:02:14.6424 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f46cf439-27ef-4acf-a800-15072bb7ddc1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: +rY8W4nXP6v2Y2tvCY/OgrRudAuSLTt4pTH1EqUVoGLltE6c/l/8yBu/1l9jhThbfiOOr5RKoxIaWoJJGMoxvFVxI7/qqN4NmlqFNidL4SM=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB2665
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/W7AngXKjIvB-BA8-ctp5mt8PujM>
Subject: Re: [lamps] AD Review: draft-ietf-lamps-cms-aes-gmac-alg-02
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Feb 2021 22:02:21 -0000

Thanks Roman (and I assume Russ).

Sounds like the right resolution to me!

---
Mike Ounsworth

-----Original Message-----
From: Spasm <spasm-bounces@ietf.org> On Behalf Of Roman Danyliw
Sent: February 5, 2021 3:31 PM
To: LAMPS WG <spasm@ietf.org>
Subject: [EXTERNAL] Re: [lamps] AD Review: draft-ietf-lamps-cms-aes-gmac-alg-02

WARNING: This email originated outside of Entrust.
DO NOT CLICK links or attachments unless you trust the sender and know the content is safe.

______________________________________________________________________
Hi!

> -----Original Message-----
> From: Spasm <spasm-bounces@ietf.org> On Behalf Of Roman Danyliw
> Sent: Monday, January 25, 2021 9:10 PM
> To: LAMPS WG <spasm@ietf.org>
> Subject: [lamps] AD Review: draft-ietf-lamps-cms-aes-gmac-alg-02
> 
> Hi!
> 
> I conducted an AD review draft-ietf-lamps-cms-aes-gmac-alg-02.  Thanks 
> for the work to bring AES-GMAC to CMS.  Here is my feedback:
> 
> ** Questions about the recommendation in Section 3.1 for a 12 octet 
> tag has come up a few times [1][2][3].  Thanks for adding the text in 
> -02 to explain the origin as being from RFC5084 per [1]. If we decide 
> to go that way, [2] makes a good suggestion to also add it to the 
> comments.  [3] acknowledges the alignment with RFC5084 but speculates 
> whether 13-year old guidance since applies. Like [3] I couldn't find any relevant NIST or RFCs to meaningfully cite.
> In addition to RFC5282, there is also RFC4543 which also recommend 
> 16-bytes for the nonce.  However, I'm sensitive to those requirements 
> potentially being protocol specific and CMS has a wider set of 
> applications.  As an aside, this variability in application should be explicitly stated.
> 
> Is the thinking with [4] to make support for 12 and 16 octets a MUST, 
> with the
> 12 there for parity with RFC5084 and the 16 because we think that's 
> the right balance in 2021?
> 
> [1] 
> https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/spas
> m/KrmkF6kkbg8-__;!!FJ-Y8qCqXTj2!Peh119Sbv_x8E5HgR2x6pfe6O9hZBlK-trJr9y
> QY51jUrw7fFcNRLvXScvR5LyrLbn3vBrA7wA$
> pU4MpjgpTVmxzik/
> [2] 
> https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/spas
> m/T9UhA9T9j85o6VYjT-__;!!FJ-Y8qCqXTj2!Peh119Sbv_x8E5HgR2x6pfe6O9hZBlK-
> trJr9yQY51jUrw7fFcNRLvXScvR5LyrLbn0Lg3E3hw$
> 9D2JnTEic/
> [3]
> https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/spas
> m/7qqXzNFuA1YDFnfHw8oL9OVK_D__;!!FJ-Y8qCqXTj2!Peh119Sbv_x8E5HgR2x6pfe6
> O9hZBlK-trJr9yQY51jUrw7fFcNRLvXScvR5LyrLbn3c2ur6DA$
> c/
> [4] 
> https://urldefense.com/v3/__https://mailarchive.ietf.org/arch/msg/spas
> m/g1-__;!!FJ-Y8qCqXTj2!Peh119Sbv_x8E5HgR2x6pfe6O9hZBlK-trJr9yQY51jUrw7
> fFcNRLvXScvR5LyrLbn3X0lVqrA$
> 09MkwebIO3kI0T2sY5nBF2JM/

Answering myself ...

There has been a various off-list multi-party discussions and further search on the tag length topic.  To summarize for later reference, beyond following the previously discussed RFCs, there don't appear to be better academic pointers on attacks or outside SDO guidance to motivate the choice of 12 or 16 octets beyond what we have.  Therefore, let's keep the RECOMMENDED 12 octets when generically referencing CMS which keeps symmetry with RFC5084.  When we get into specific "application domains" (e.g., CRMF), we should consider this case by case.  draft-ietf-lamps-crmf-update-algs  can take a more conservative approach of 16 octets -- which is the current text as of -03.

[snipping all of the other AD review feedback]

Thanks for addressing it in -03.

Regards,
Roman

_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/spasm__;!!FJ-Y8qCqXTj2!Peh119Sbv_x8E5HgR2x6pfe6O9hZBlK-trJr9yQY51jUrw7fFcNRLvXScvR5LyrLbn0ODNIKXA$

v2.23.0 | Report a Bug | By Email