Re: [TLS] Another IRINA bug in TLS

Santiago Zanella-Beguelin <santiago@microsoft.com> Thu, 21 May 2015 14:29 UTC

From: Santiago Zanella-Beguelin <santiago@microsoft.com>
To: Aaron Zauner <azet@azet.org>, Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 21 May 2015 14:29:13 +0000
Message-ID: <1432218552047.85642@microsoft.com>
References: <CACsn0ckaML0M_Foq9FXs5LA2dRb1jz+JDX7DUej_ZbuSkUB=tQ@mail.gmail.com> , <1432134170.2926.9.camel@redhat.com> <9A043F3CF02CD34C8E74AC1594475C73AB027EED@uxcn10-tdc05.UoA.auckland.ac.nz> <555D90F6.10103@redhat.com> <1432195799.3243.18.camel@redhat.com> <555DBCE6.7080308@redhat.com> <1432206909.3243.45.camel@redhat.com> ,<555DBF7E.9050807@redhat.com> <1432207863352.27057@microsoft.com> <555DC498.2000109@redhat.com>,<1432209104.3243.65.camel@redhat.com> <1432211226723.39265@microsoft.com> <555DDD4A.4040206@azet.org> <1432216095.3243.70.camel@redhat.com>,<555DE380.1020906@azet.org>
In-Reply-To: <555DE380.1020906@azet.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/0gQFLm56w17MOqCF-NhNuY7Klpo>
Cc: Florian Weimer <fweimer@redhat.com>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Another IRINA bug in TLS
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

Nitpicking: the Sophie Germain prime is (p-1)/2. We're stuck with the somewhat misleading name "safe prime" for p. 

________________________________________
From: Aaron Zauner <azet@azet.org>
Sent: Thursday, May 21, 2015 2:54 PM
To: Nikos Mavrogiannopoulos
Cc: Santiago Zanella-Beguelin; Florian Weimer; tls@ietf.org
Subject: Re: [TLS] Another IRINA bug in TLS

Nikos Mavrogiannopoulos wrote:
> The "safe primes" is only a name. There are safe primes for DH that are
> not in the "safe primes" category. The primes used in DSA are such ones.
>

Ok, let's assume "safe primes" means Sophie Germain primes in this
thread. :)

Aaron
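
The distinction drawn in this thread, as an added example that is not part of the original messages: a check that tells a safe prime p (where q = (p-1)/2 is the Sophie Germain prime) apart from a DSA-style modulus with a prime-order subgroup. The function names and the toy parameters are constructed for illustration; real groups use moduli of 2048 bits or more.

```python
import random

def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True

def classify_dh_modulus(p, q=None, g=None):
    """Return (kind, subgroup_order) for a DH modulus p.

    'safe-prime': p is prime and q = (p-1)/2 is prime; the returned q is
        the Sophie Germain prime, while p itself is the "safe prime".
    'prime-order-subgroup': DSA-style parameters, where the supplied q is
        prime, divides p-1, and g generates the subgroup of order q.
    'unverified': p is prime but neither structure could be confirmed.
    """
    if not is_probable_prime(p):
        return ("not-prime", None)
    half = (p - 1) // 2
    if is_probable_prime(half):
        return ("safe-prime", half)
    if q is not None and g is not None:
        if (is_probable_prime(q) and (p - 1) % q == 0
                and 1 < g < p and pow(g, q, p) == 1):
            return ("prime-order-subgroup", q)
    return ("unverified", None)

# Constructed toy parameters (far too small for real use).
TOY_SAFE_P = 23              # (23-1)/2 = 11 is prime
TOY_DSA = (43, 7, 21)        # 43-1 = 2*3*7; g = 2^6 mod 43 = 21 has order 7
```

A peer that receives a bare p with no q can only confirm the safe-prime case; for a DSA-style group it needs q to verify the subgroup order.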