Re: [TLS] [Cfrg] (confusing the issues) Re: 3DES diediedie

Rene Struik <rstruik.ext@gmail.com> Tue, 30 August 2016 01:32 UTC

Return-Path: <rstruik.ext@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0970E12B063 for <tls@ietfa.amsl.com>; Mon, 29 Aug 2016 18:32:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8577WiIBCYcI for <tls@ietfa.amsl.com>; Mon, 29 Aug 2016 18:32:05 -0700 (PDT)
Received: from mail-qt0-x22b.google.com (mail-qt0-x22b.google.com [IPv6:2607:f8b0:400d:c0d::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9BC512B02F for <tls@ietf.org>; Mon, 29 Aug 2016 18:32:04 -0700 (PDT)
Received: by mail-qt0-x22b.google.com with SMTP id 52so2440863qtq.3 for <tls@ietf.org>; Mon, 29 Aug 2016 18:32:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=qBb/WbPCtjnAjNY0L+lrfvtMjbt7AVY9ZqbL3nZGZXw=; b=JLB0m0pwh7/mdmU9Pp4ru+S5T1Z5jUcECnDylUq/ukR9Pcw/x7Wxc9rOYS3Lht5Fvd vte/LCIZCgBu/fMJ+fOP9doUmnxIs9pcc8qgRqzUXNDvNjP+O0rbgWUFOKNjfzfGQIzG lxWaHUkA3v5mE5Pdgij/c5U3YMmLcnLWauTE+7VhlPWjeL9bNk2C13Tqz2CJ6FwPDxX8 T6TFBD50u6lpNf6XCV5sLWwPCd9TcXD/rrEU/NzQLiEFMqkStPeyW4+Pzs4VeeqFF62m x6SRoJ92nH0BFpe65tAytYKxumNngYV2zQV9VZcTb3sO3IRHDhDjq0RiTNzKPMtq455r Vcfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=qBb/WbPCtjnAjNY0L+lrfvtMjbt7AVY9ZqbL3nZGZXw=; b=lb1HbnERZw/mu3Qoxk0En2hGUPQgjSbr7KhCFfSJo/eMNqrBfmB/oXgktGdOtgJXOL kYEJZTWeFmag3Kc5JCnwEOtmeIl0EEw0PWnk/GxbyLjgsLWm2igd+F3AsO5ylA28w0Tz ysw3gZoz4zcHkFYGpz7YOjZtziwoLu/ELLRAiwi7InekQmD+0qwtYo9Tar5+FvgB9Fsm 3cgrLyADubcmaZohua3M+ch1d8cQnGyRaTlvuDt3ODELi+anaM1k2m5J4t37P9hYm3wM lJh531jrBa1QP0S3CCUHGQSLrSc67ShcPee71Ls/PcEy1yWsa879euG0Utbx3ID5qfBb yL0Q==
X-Gm-Message-State: AE9vXwPIrcKBp+7HDoEZfW2aJb3d7PnIbwkbays4Zm3nNZVQ7ECGD0q7EJVGWyCoOltGcA==
X-Received: by 10.237.33.111 with SMTP id 102mr1226633qtc.56.1472520723952; Mon, 29 Aug 2016 18:32:03 -0700 (PDT)
Received: from [192.168.0.14] (CPE7cb21b2cb904-CM7cb21b2cb901.cpe.net.cable.rogers.com. [174.112.186.144]) by smtp.gmail.com with ESMTPSA id m4sm20222969qkf.29.2016.08.29.18.32.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 29 Aug 2016 18:32:03 -0700 (PDT)
To: Jon Callas <jon@callas.org>
References: <CAHOTMV+r5PVxqnSozYyqJqq_YocMKV06aAa-43t+5Huzh7Lo=A@mail.gmail.com> <F42128A0-9682-4042-8C7E-E3686743B314@cisco.com> <9A043F3CF02CD34C8E74AC1594475C73F4D0473F@uxcn10-5.UoA.auckland.ac.nz> <B749662D-B518-46E0-A51D-4AD1D30A8ED2@cisco.com> <9A043F3CF02CD34C8E74AC1594475C73F4D0528F@uxcn10-5.UoA.auckland.ac.nz> <3401C8F7-5A74-4D02-96F5-057E9A45F8B0@cisco.com> <57C43102.7090902@secworks.se> <b1956113-b21a-f995-2e35-3011eb76ce8a@gmail.com> <8699AC5D-AD51-4287-A302-55CF9549A7FC@callas.org>
From: Rene Struik <rstruik.ext@gmail.com>
Message-ID: <7f01301d-f96f-9b99-7841-e43b5a2d12ea@gmail.com>
Date: Mon, 29 Aug 2016 21:31:47 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <8699AC5D-AD51-4287-A302-55CF9549A7FC@callas.org>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/D4ntNZvJxwWqRTRWaLjV-FmIqFc>
Cc: "David McGrew \(mcgrew\)" <mcgrew@cisco.com>, "cfrg@irtf.org" <cfrg@irtf.org>, "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] [Cfrg] (confusing the issues) Re: 3DES diediedie
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Aug 2016 01:32:06 -0000

My argument was aimed at focusing on the real topic at hand, not at 
mixing this with "religious" beliefs as ditching ciphers without clear 
justification (no matter how ancient 3-DES may be [I was in elementary 
school then]).

I think it is unwise thinking too lightly about writing IETF drafts with 
"die-die-die" in the title, just because one feels like it, in an almost 
context-free manner. Or, is the idea to launch an entire series of 
die-die-die drafts, because one finds some excuse to do so? I cannot 
deny I also like shiny new things and we may all suffer from 
not-invented-here syndromes, but acknowledging this playing in the 
background of our perceptions should also give us some reason to pause 
and have some restraint here.

Rene

On 8/29/2016 5:48 PM, Jon Callas wrote:
>> On Aug 29, 2016, at 6:26 AM, Rene Struik <rstruik.ext@gmail.com> wrote:
>>
>> I think it is a mistake to think that simply using block ciphers with a larger block size is enough to counter attacks, as the literature on successful side channel attacks on such block cipher demonstrates. The real message is that one should not reuse keys ad infinitum, which unfortunately seems hard to sink in.
>>
>> Singling out 3-DES in this respect does not seem to tackle the real issue (which is a system security issue often only paid lip service to in practice).
> Yes, we should just stop using 64-bit block ciphers and deal with the issues you mention within the context of larger blocks.
>
> 	Jon
>


-- 
email: rstruik.ext@gmail.com | Skype: rstruik
cell: +1 (647) 867-5658 | US: +1 (415) 690-7363