IETF Logo Mail Archive

Re: [T2TRG] Quick Doodle T2TRG security topics (Re: New topic for T2TRG?)

Rene Struik <rstruik.ext@gmail.com> Thu, 23 December 2021 18:38 UTC

Return-Path: <rstruik.ext@gmail.com>
X-Original-To: t2trg@ietfa.amsl.com
Delivered-To: t2trg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C90E43A08AE for <t2trg@ietfa.amsl.com>; Thu, 23 Dec 2021 10:38:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.951
X-Spam-Level:
X-Spam-Status: No, score=-3.951 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-1.852, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UyuiCxQxPZwq for <t2trg@ietfa.amsl.com>; Thu, 23 Dec 2021 10:38:09 -0800 (PST)
Received: from mail-qv1-xf36.google.com (mail-qv1-xf36.google.com [IPv6:2607:f8b0:4864:20::f36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B84363A08AD for <t2trg@irtf.org>; Thu, 23 Dec 2021 10:38:09 -0800 (PST)
Received: by mail-qv1-xf36.google.com with SMTP id fq10so5920914qvb.10 for <t2trg@irtf.org>; Thu, 23 Dec 2021 10:38:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=message-id:date:mime-version:user-agent:content-language:to:cc :references:from:subject:in-reply-to:content-transfer-encoding; bh=o/9G5kTGoZQHFVi/N0yXeFWsJSTsyM5GbhudsKR1Dss=; b=fAbDISkr95AoB0t4sr7PONnRhG2HJfk4Fg62LxoJTeDkNVPBYP2bWV11aFchyyokv6 IwZ1bdgHzRKFLNZw6vMKIptaeim2VMT3tl/ZNojA+1F5AU7zEpVQ4DcxLZCTHqElHwGg dHmSydPMwlz/lxZelf01wIGkbff5EO4qKQLThH2bhn9w9DOsGl0tj2aBRQ84yK5GskB3 Gd0DOD+0qgxWOqTlbglm+u6G9Ug5NJFaBaNnbXctlkA8zKxv3bybKyAtC2pQnlE9m5kl UgMvaKLkj49pG1tpqpSp3nMgBqhjhIB+//TMLX0QQ0grgkY+KK+MUVa5d7farmwMRzh4 /bTQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent :content-language:to:cc:references:from:subject:in-reply-to :content-transfer-encoding; bh=o/9G5kTGoZQHFVi/N0yXeFWsJSTsyM5GbhudsKR1Dss=; b=hNnP5O6soUpeth+5/tBhrFe8VHAI65DfufQ44KAfPMpG1TOwLgXpdaDtA474N9gl+V +GxWKVcD1QmyNMfZBesLvnXYihdl/OFXL+OJkTULZ1DEtG7AhSZ7Tatx8aDhrfkef7l1 dmsJY/iRTtavrvV8hLXYKzXeoJv3JAEv4QGREiN66UCjidkdOiOulXkklT+7NZtqCPiV G9PhI35jGrqxNqL7VR5JrCWjL13RS6sN3KLJDwTQNL5Eze8x4MU02bmxamX/BnrFeY1x QDP3pNC2gJlEiNZmZJLlqPQcktvjS0QXLRP84PH5ub5HZ4l88MBWE0oaSKC4s+theFCl qVuA==
X-Gm-Message-State: AOAM53140U9VqXIoe5HruLUdbj/YdbSofidoMt2T/4LjrMpWSCEtB+jn qqKnvoaqeKMV/Tofa8noWZkydlAENag=
X-Google-Smtp-Source: ABdhPJzmX91yMFJo9xmql/nHZOV70/8K2tQUYq2p9S1vtapbYp6dXSWTCZ9k1w34J08QB8gCQ5IUmQ==
X-Received: by 2002:a05:6214:1d03:: with SMTP id e3mr2723122qvd.77.1640284687928; Thu, 23 Dec 2021 10:38:07 -0800 (PST)
Received: from ?IPV6:2607:fea8:8a0:1397:fc5f:12b:d173:619a? ([2607:fea8:8a0:1397:fc5f:12b:d173:619a]) by smtp.gmail.com with ESMTPSA id w10sm5469528qkp.121.2021.12.23.10.38.07 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 23 Dec 2021 10:38:07 -0800 (PST)
Message-ID: <616d64f3-ae50-3eb7-e6be-ca00f364fb82@gmail.com>
Date: Thu, 23 Dec 2021 13:38:04 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.4.1
Content-Language: en-US
To: Carsten Bormann <cabo@tzi.org>
Cc: "Apple Inc." <goran.selander@ericsson.com>, "t2trg@irtf.org" <t2trg@irtf.org>, "core@ietf.org" <core@ietf.org>, Mohit Sethi <mohit.m.sethi@ericsson.com>
References: <YYkUABLfpU/SRaxX@hephaistos.amsuess.com> <YYqfI38dg8035RLn@hephaistos.amsuess.com> <YZPGVxFc7AvdYXNB@hephaistos.amsuess.com> <AM4PR0701MB21955D1AB35A1A335B5EFDD0F4669@AM4PR0701MB2195.eurprd07.prod.outlook.com> <97ED3090-7BBA-4ED8-B50B-26C5AC863EB5@tzi.org> <8CDC234A-7F52-4571-8CCA-0D5F59A84DB6@tzi.org> <5B94533C-55C8-4DD8-BB57-29E96880A951@tzi.org> <80a44d0d-767b-46dd-8e26-2f032dc653a5@gmail.com> <D72AA61B-9DAD-4849-B9F1-8529CA990860@tzi.org>
From: Rene Struik <rstruik.ext@gmail.com>
In-Reply-To: <D72AA61B-9DAD-4849-B9F1-8529CA990860@tzi.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/Hxt6iQKw1l3tXb7tpYyeW8pqkYI>
Subject: Re: [T2TRG] Quick Doodle T2TRG security topics (Re: New topic for T2TRG?)
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IRTF Thing-to-Thing Research Group <t2trg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Dec 2021 18:38:15 -0000

Hi Carsten:

Thanks. If there is a brief problem statement on what problem is solved, 
both stated and in real life, I am happy to reflect on this: I have done 
quite a bit of protocol analysis, including fixes, but this starts with 
a clear description about what one wishes to achieve (at least, on the 
crypto level with existing protocol soup distractions removed for the 
moment). A good use of yet another cooped-up time window or simply next 
to the Christmas tree. {if not completely clear/complete yet, please let 
me know offline -- I can fill in part of the blanks if not that many}.

Best regards, Rene

On 2021-12-23 12:38 p.m., Carsten Bormann wrote:
> Hi Rene,
>
>> During the call, you mentioned that EAP-NOOB seems un-implementable (or, one of your students thought so). If you could articulate what is good and what is bad (in terms of feature set, user experience, etc.), that would be good to know, as would be whether you think this can be remedied or whether one can improve the protocol with a minor tweak.
> I haven’t really looked at the protocol, only briefly at the implementability of the signing inputs after a student alerted me to issues he had.
>
> Re the protocol, I’ve heard rumors that a simpler protocol could be invented that solves the same set of problems, but I know nothing about that.
>
> Re the implementability: I sent some notes to Mohit; I’m sure the student will also write up something but it is a quiet time here in Germany right now.
>
> I think that the RG would benefit from an analysis of NOOB, both with respect to technical details such as signing inputs, and with respect to players, trust relationships, outcomes, etc., and how the protocol addresses these.
>
> Grüße, Carsten
>

-- 
email: rstruik.ext@gmail.com | Skype: rstruik
cell: +1 (647) 867-5658 | US: +1 (415) 287-3867

v2.23.0 | Report a Bug | By Email