Re: [TLS] SHA-3 in SignatureScheme
"Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu> Tue, 06 September 2016 12:53 UTC
Return-Path: <prvs=80573c2d4c=uri@ll.mit.edu>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5B1FC12B84F for <tls@ietfa.amsl.com>; Tue, 6 Sep 2016 05:53:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.705
X-Spam-Level:
X-Spam-Status: No, score=-5.705 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.508, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XSF0xhXMFoxs for <tls@ietfa.amsl.com>; Tue, 6 Sep 2016 05:53:48 -0700 (PDT)
Received: from llmx2.ll.mit.edu (LLMX2.LL.MIT.EDU [129.55.12.48]) by ietfa.amsl.com (Postfix) with ESMTP id B5DD012B8C8 for <tls@ietf.org>; Tue, 6 Sep 2016 05:35:46 -0700 (PDT)
Received: from LLE2K10-HUB02.mitll.ad.local (LLE2K10-HUB02.mitll.ad.local) by llmx2.ll.mit.edu (unknown) with ESMTP id u86CW39l024457 for <tls@ietf.org>; Tue, 6 Sep 2016 08:32:03 -0400
From: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] SHA-3 in SignatureScheme
Thread-Index: AQHSBHfFOWP+vPLKs0GIS/iOWjsWWqBsoxkA///KVYA=
Date: Tue, 06 Sep 2016 12:35:44 +0000
Message-ID: <F573DEFE-A2A9-4E37-B6A4-C4879ED9696B@ll.mit.edu>
References: <7755682.Cma8FBTrvx@pintsize.usersys.redhat.com> <57CEACE4.2090900@st.com>
In-Reply-To: <57CEACE4.2090900@st.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.19.0.160817
x-originating-ip: [172.25.177.156]
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha384"; boundary="B_3555995743_178483354"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-09-06_04:, , signatures=0
X-Proofpoint-Spam-Details: rule=inbound_notspam policy=inbound score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1604210000 definitions=main-1609060195
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/AxP1DikuTwQWg_P-nysjy6jvPf4>
Subject: Re: [TLS] SHA-3 in SignatureScheme
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Sep 2016 12:53:52 -0000
+1 On 9/6/16, 7:47 , "TLS on behalf of Gilles Van Assche" <tls-bounces@ietf.org on behalf of gilles.vanassche@st.com> wrote: Hello, For RSA PSS, I would suggest to consider: rsa_pss_shake128 rsa_pss_shake256 where SHAKE128 (or 256), as an exendable output function (XOF), directly replaces the mask generating function MGF. This would make RSA PSS simpler and more efficient. Kind regards, Gilles On 01/09/16 19:38, Hubert Kario wrote: The SHA-3 standard is already published and accepted[1], shouldn't TLSv1.3 include signatures with those hashes then? I think at least the following signature algorithms should be added: ecdsa_secp256r1_sha3_256 ecdsa_secp384r1_sha3_384 ecdsa_secp521r1_sha3_512 rsa_pss_sha3_256 rsa_pss_sha3_384 rsa_pss_sha3_512 1 - https://www.federalregister.gov/articles/2015/08/05/2015-19181/ announcing-approval-of-federal-information-processing-standard-fips-202-sha-3- standard
- Re: [TLS] SHA-3 in SignatureScheme Benjamin Kaduk
- [TLS] SHA-3 in SignatureScheme Hubert Kario
- Re: [TLS] SHA-3 in SignatureScheme Hubert Kario
- Re: [TLS] SHA-3 in SignatureScheme Scott Fluhrer (sfluhrer)
- Re: [TLS] SHA-3 in SignatureScheme Dave Garrett
- Re: [TLS] SHA-3 in SignatureScheme Hubert Kario
- Re: [TLS] SHA-3 in SignatureScheme Ilari Liusvaara
- Re: [TLS] SHA-3 in SignatureScheme Hubert Kario
- Re: [TLS] SHA-3 in SignatureScheme Eric Rescorla
- Re: [TLS] SHA-3 in SignatureScheme Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] SHA-3 in SignatureScheme Ilari Liusvaara
- Re: [TLS] SHA-3 in SignatureScheme Dave Garrett
- Re: [TLS] SHA-3 in SignatureScheme Eric Rescorla
- Re: [TLS] SHA-3 in SignatureScheme Eric Rescorla
- Re: [TLS] SHA-3 in SignatureScheme Benjamin Kaduk
- Re: [TLS] SHA-3 in SignatureScheme Hubert Kario
- Re: [TLS] SHA-3 in SignatureScheme Yoav Nir
- Re: [TLS] SHA-3 in SignatureScheme Eric Rescorla
- Re: [TLS] SHA-3 in SignatureScheme Salz, Rich
- Re: [TLS] SHA-3 in SignatureScheme Benjamin Kaduk
- Re: [TLS] SHA-3 in SignatureScheme Hubert Kario
- Re: [TLS] SHA-3 in SignatureScheme Eric Rescorla
- Re: [TLS] SHA-3 in SignatureScheme Salz, Rich
- Re: [TLS] SHA-3 in SignatureScheme Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] SHA-3 in SignatureScheme Yoav Nir
- Re: [TLS] SHA-3 in SignatureScheme Nikos Mavrogiannopoulos
- Re: [TLS] SHA-3 in SignatureScheme Yoav Nir
- Re: [TLS] SHA-3 in SignatureScheme Ilari Liusvaara
- Re: [TLS] SHA-3 in SignatureScheme Gilles Van Assche
- Re: [TLS] SHA-3 in SignatureScheme Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] SHA-3 in SignatureScheme Ilari Liusvaara
- Re: [TLS] SHA-3 in SignatureScheme Martin Thomson
- Re: [TLS] SHA-3 in SignatureScheme Gilles Van Assche
- Re: [TLS] SHA-3 in SignatureScheme Martin Thomson
- Re: [TLS] SHA-3 in SignatureScheme Joseph Salowey