[TLS] Re: Disallowing reuse of ephemeral keys
Peter Gutmann <pgut001@cs.auckland.ac.nz> Fri, 13 December 2024 09:55 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/-VgA6dp62Bmti42aZb3YKmB6mfc>
Richard Barnes <rlb@ipv.sx> writes:

>3 seems like it encodes the expectation of most people for what the protocol
>means. If you're using a cipher suite labeled something like "ECDHE", it's
>reasonable to expect that it's actually ephemeral,

I'd support 3 as well for the same reason, it says (EC)DH-Ephemeral, not
(EC)DH-Possibly-Ephemeral-But-We-Cant-Guarantee-Anything-Who-Knows-What-You-
Might-Get-Are-You-Feeling-Lucky.

Peter.