Re: [TLS] Require deterministic ECDSA

Watson Ladd <watsonbladd@gmail.com> Mon, 25 January 2016 20:38 UTC

In-Reply-To: <b075e5774d104662b4b39c0bca9d9d94@ustx2ex-dag1mb1.msg.corp.akamai.com>
References: <CACaGAp=-xJZN=L3av+DX_WQcki_k=L-_tc5dZnJNtM=M0W8MnQ@mail.gmail.com> <CAGwT64i5v+0xXLzQYFO5JVKs302x6BgZYN+ffYzMVesgbB9biA@mail.gmail.com> <962c1d946dba48bf95d22f0aa5f77c8f@ustx2ex-dag1mb1.msg.corp.akamai.com> <1D8D93F4-7A7C-4875-927E-21E19AB5F942@gmail.com> <CAGwT64ge2RTw2hxzvQTUzYXStSNnb+uS9GcHU0t38VF9Kv+zkQ@mail.gmail.com> <b075e5774d104662b4b39c0bca9d9d94@ustx2ex-dag1mb1.msg.corp.akamai.com>
Date: Mon, 25 Jan 2016 12:38:30 -0800
Message-ID: <CACsn0c=atv-YvrD512MReWudZ-z5z5Pe-9gE3cUQU91jxOp4eA@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: "Salz, Rich" <rsalz@akamai.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/4LqisxctFHRuJFraccMZGQ-HSAU>
Cc: Joseph Birr-Pixton <jpixton@gmail.com>, Jacob Maskiewicz <jmaskiew@eng.ucsd.edu>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Require deterministic ECDSA

On Mon, Jan 25, 2016 at 11:25 AM, Salz, Rich <rsalz@akamai.com> wrote:
>> is/should, or they're going to have other problems.
>
> Really?
>
> Some high-value device that is rarely connected-to?  Like a missile?

If you can't generate 256 random bits for use as a DH key or a client
random, anyone can read the connection if they know what the random
number generator actually produced. If you can produce 256 random
bits, and the device maker was halfway competent, they should know how
to turn 256 random bits into a computationally indistinguishable
infinite stream of random bits. If your missile maker was not halfway
competent at computer security, I can only hope the guidance engineers
were of the same caliber.

-- 
"Man is born free, but everywhere he is in chains".
--Rousseau.
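The point made above, that 256 genuinely random bits suffice because a competent implementer can expand them into an unbounded stream, and the thread's subject, deterministic ECDSA, rest on the same primitive: HMAC_DRBG. The following is an added example, not code from this thread or from any TLS implementation discussed in it. It uses only Python's standard library. The 32-byte seed is a constructed constant standing in for a one-time hardware-RNG output; the private key, message and expected nonce are the RFC 6979 Appendix A.2.5 P-256/SHA-256 test vector, so the nonce derivation can be checked against the RFC rather than trusted.

```python
"""HMAC_DRBG seed expansion and RFC 6979 deterministic ECDSA nonces.

Added example (not from the mailing-list thread). Standard library only.
"""
import hashlib
import hmac

# Order of the P-256 base point (SEC 2 / RFC 6979 A.2.5).
P256_Q = int("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16)

# Constructed seed: stands in for 256 fresh bits from a hardware RNG.
SEED = bytes(range(32))


def _hmac(key: bytes, data: bytes, hashname: str) -> bytes:
    return hmac.new(key, data, hashname).digest()


class HmacDrbg:
    """SP 800-90A HMAC_DRBG, minus personalization string, reseed counter
    and prediction resistance. One 256-bit seed yields an unbounded
    stream; the whole state is the pair (K, V) of hlen bytes each."""

    def __init__(self, seed: bytes, hashname: str = "sha256"):
        self.hashname = hashname
        hlen = hashlib.new(hashname).digest_size
        self.K = b"\x00" * hlen
        self.V = b"\x01" * hlen
        self._update(seed)

    def _update(self, data: bytes) -> None:
        # HMAC_DRBG_Update: fold provided data into K and V.
        self.K = _hmac(self.K, self.V + b"\x00" + data, self.hashname)
        self.V = _hmac(self.K, self.V, self.hashname)
        if data:
            self.K = _hmac(self.K, self.V + b"\x01" + data, self.hashname)
            self.V = _hmac(self.K, self.V, self.hashname)

    def reseed(self, entropy: bytes) -> None:
        self._update(entropy)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.V = _hmac(self.K, self.V, self.hashname)
            out += self.V
        self._update(b"")  # advance state so earlier output cannot be recomputed
        return out[:n]


def expand_seed(seed: bytes, nbytes: int) -> bytes:
    """Turn one seed into nbytes of stream, as a device would do after boot."""
    return HmacDrbg(seed).generate(nbytes)


def rfc6979_nonce(x: int, msg: bytes, q: int, hashname: str = "sha256") -> int:
    """ECDSA nonce k per RFC 6979 section 3.2: the same HMAC_DRBG, seeded
    with (private key || H(m)) instead of RNG output. x: private key,
    msg: message, q: group order."""
    qlen = q.bit_length()
    rlen = (qlen + 7) // 8
    h1 = hashlib.new(hashname, msg).digest()
    hlen = len(h1)

    def bits2int(b: bytes) -> int:
        v = int.from_bytes(b, "big")
        blen = len(b) * 8
        return v >> (blen - qlen) if blen > qlen else v

    def int2octets(v: int) -> bytes:
        return v.to_bytes(rlen, "big")

    def bits2octets(b: bytes) -> bytes:
        return int2octets(bits2int(b) % q)

    seed_material = int2octets(x) + bits2octets(h1)
    V = b"\x01" * hlen
    K = b"\x00" * hlen
    K = _hmac(K, V + b"\x00" + seed_material, hashname)
    V = _hmac(K, V, hashname)
    K = _hmac(K, V + b"\x01" + seed_material, hashname)
    V = _hmac(K, V, hashname)
    while True:  # draw candidates until one lies in [1, q-1]
        T = b""
        while len(T) * 8 < qlen:
            V = _hmac(K, V, hashname)
            T += V
        k = bits2int(T)
        if 1 <= k < q:
            return k
        K = _hmac(K, V + b"\x00", hashname)
        V = _hmac(K, V, hashname)


def rfc6979_selfcheck() -> bool:
    """RFC 6979 A.2.5: P-256, SHA-256, message "sample"."""
    x = int("C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721", 16)
    expected = int("A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60", 16)
    return rfc6979_nonce(x, b"sample", P256_Q) == expected


if __name__ == "__main__":
    print("RFC 6979 vector ok:", rfc6979_selfcheck())
    print("first 16 stream bytes:", expand_seed(SEED, 16).hex())
```

The two functions differ only in where the seed comes from: `expand_seed` consumes RNG output once and never needs it again, which is the stretching the message refers to, while `rfc6979_nonce` replaces the RNG entirely for the one operation (the ECDSA nonce) where a single bad output exposes the long-term key. A device that can obtain 256 good bits once can run both.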