[TLS] TLS 1.3 Recommended ECC curve for 192-bit security
John Mattsson <john.mattsson@ericsson.com> Mon, 12 October 2015 09:01 UTC
Return-Path: <john.mattsson@ericsson.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 824C91A00B8 for <tls@ietfa.amsl.com>; Mon, 12 Oct 2015 02:01:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.5
X-Spam-Level:
X-Spam-Status: No, score=-1.5 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TmUGQmcH_-Cq for <tls@ietfa.amsl.com>; Mon, 12 Oct 2015 02:01:47 -0700 (PDT)
Received: from sesbmg22.ericsson.net (sesbmg22.ericsson.net [193.180.251.48]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 148301A00A0 for <TLS@ietf.org>; Mon, 12 Oct 2015 02:01:45 -0700 (PDT)
X-AuditID: c1b4fb30-f79626d000006adf-cc-561b76f7c676
Received: from ESESSHC007.ericsson.se (Unknown_Domain [153.88.253.124]) by sesbmg22.ericsson.net (Symantec Mail Security) with SMTP id 5A.32.27359.7F67B165; Mon, 12 Oct 2015 11:01:44 +0200 (CEST)
Received: from ESESSMB307.ericsson.se ([169.254.7.184]) by ESESSHC007.ericsson.se ([153.88.183.39]) with mapi id 14.03.0248.002; Mon, 12 Oct 2015 11:01:43 +0200
From: John Mattsson <john.mattsson@ericsson.com>
To: "TLS@ietf.org" <TLS@ietf.org>
Thread-Topic: TLS 1.3 Recommended ECC curve for 192-bit security
Thread-Index: AQHRBMydOHy9F9/ta0KlukZnanicFg==
Date: Mon, 12 Oct 2015 09:01:43 +0000
Message-ID: <D2414396.3D932%john.mattsson@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.4.150722
x-originating-ip: [153.88.183.20]
Content-Type: multipart/related; boundary="_005_D24143963D932johnmattssonericssoncom_"; type="multipart/alternative"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrPIsWRmVeSWpSXmKPExsUyM+Jvje6PMukwgx33uS0+ne9idGD0WLLk J1MAYxSXTUpqTmZZapG+XQJXxsO7i9gLTs1hrNg3bwN7A+Pr6YxdjJwcEgImEheOTGCDsMUk LtxbD2RzcQgJHGWUuD+hmQXCWcIocWYhiMPJwSZgIDF3TwNQFQeHiICixKfP2SCmsIC1RM9X E5AKEQEHifbdE5kgKvQk3m9RBAmzCKhKXJveC7aKV8Bc4ubTi8wgNiPQ2u+n1jCB2MwC4hK3 nsxngjhHROLhxdNQp4lKvHz8jxVkpCjQyD3LJSHCihJXpy8H28QsUCGx5ZgWxHRBiZMzn7BM YBSehWToLISqWUiqIEpiJBbu3MMGUaIpsX6XPkRYUWJK90N2CFtDonXOXCjbWmJl11s2TDXe Elf27GOHGOMgMWeW7ixg+DELHGOU+LxkHTNEjZHEkns/GbHpnbDnK9RMB4mvv7ezwDVv6P3F DDHUSGLDNk5kvQsYhVcxihanFiflphsZ6aUWZSYXF+fn6eWllmxiBKaQg1t+G+xgfPnc8RCj AAejEg/vw9tSYUKsiWXFlbmHGKU5WJTEeZuZHoQKCaQnlqRmp6YWpBbFF5XmpBYfYmTi4JRq YOyY9My96t4km9KwXdF7zrwxaLp4X3fWTo3XR141zPa8fJhZhzdI8rmKdf3hbWy+z+LjP0lI 7NpsbGU1Y4fAlzVly7oubn0osZNzTfG6tT58oRO3huRK9HVkHPdbM6f85v2L289Ylm+rbXz4 dcmWey0xVmtiFnPyx+7X55nN+jZHljdQy6t89z4lluKMREMt5qLiRADXpk6TAgMAAA==
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/2gEM58hEDdV2z2lBj0HbqkR-ai0>
Subject: [TLS] TLS 1.3 Recommended ECC curve for 192-bit security
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Oct 2015 09:01:49 -0000
I think the selection of MTI Cipher Suites (Section 8.1 of draft-ietf-tls-tls13-09) is excellent, but I am missing a recommended ECC curve for the “SHOULD” cipher suites. Little benefit of using AES-256 with P-256 or curve25519. Shouldn’t there be a SHOULD implement ECC curve giving at least 192-bit security? E.g. "These cipher suites SHOULD support both digital signatures and key exchange with secp384r1 (NIST P-384)." Cheers, John JOHN MATTSSON MSc Engineering Physics, MSc Business Administration and Economics Ericsson IETF Security Coordinator Senior Researcher, Security Ericsson AB Ericsson Research Färögatan 6 SE-164 80 Stockholm, Sweden Phone +46 10 71 43 501 SMS/MMS +46 76 11 53 501 john.mattsson@ericsson.com<mailto:john.mattsson@ericsson.com> www.ericsson.com<http://www.ericsson.com/> [http://www.ericsson.com/]<http://www.ericsson.com/> This Communication is Confidential. We only send and receive email on the basis of the terms set out atwww.ericsson.com/email_disclaimer<http://www.ericsson.com/email_disclaimer>
- [TLS] TLS 1.3 Recommended ECC curve for 192-bit s… John Mattsson
- Re: [TLS] TLS 1.3 Recommended ECC curve for 192-b… Michał Staruch
- Re: [TLS] TLS 1.3 Recommended ECC curve for 192-b… John Mattsson
- Re: [TLS] TLS 1.3 Recommended ECC curve for 192-b… Sean Turner
- Re: [TLS] TLS 1.3 Recommended ECC curve for 192-b… Yoav Nir
- Re: [TLS] TLS 1.3 Recommended ECC curve for 192-b… John Mattsson
- Re: [TLS] TLS 1.3 Recommended ECC curve for 192-b… Quynh Dang
- Re: [TLS] TLS 1.3 Recommended ECC curve for 192-b… John Mattsson