Re: [tcpinc] new drafts of TCP-ENO and tcpcrypt

iang <iang@iang.org> Fri, 13 October 2017 16:24 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/8o5cpHtAEHgHJJrwp40-7Kln5M0>

On 08/10/2017 00:33, Gregorio Guidi wrote:

> ...
> Having ECDHE-Curve25519 and ECDHE-Curve448 as MTI was suggested, but 
> the lack of implementations for Curve448 was mentioned. Unfortunately 
> this is still an issue: there are implementations available but no 
> stable and well-proved implementation of Curve448 is there yet, as 
> shown here:
> https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations#Supported_elliptic_curves 
>
>
> Nonetheless, in the time passed since that exchange, the adoption of 
> Curve25519 has consolidated further, so the option to have 
> ECDHE-Curve25519 as the only MTI would not look so bad in my view.

+1.  The notion that we need two MTIs with one longer than 256 bits in 
an embedded optimistic half-measure needs some serious justification.  
And the one that fits best in kernel, isolated from external libraries, 
is likely best for attack surface.  I'd put my money on Curve25519 every 
day of the month for that.

iang