Re: [TLS] Another INRIA bug in TLS

Martin Thomson <martin.thomson@gmail.com> Fri, 22 May 2015 23:45 UTC

Date: Fri, 22 May 2015 16:45:11 -0700
Message-ID: <CABkgnnXUvai==PBaLL1UYWjOeaMzBSqEZ2C0U+DrnieOYLVjLw@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Andrey Jivsov <crypto@brainhub.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/LjSpJljQ8GqzCZTsZZQik69iapE>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Another INRIA bug in TLS

On 22 May 2015 at 16:27, Andrey Jivsov <crypto@brainhub.org> wrote:
> To rephrase, what's the slice of the Internet that cannot do DHE P-256 but
> can do DHE 2048?

I can only answer for the slice that I see, which is mostly server
behavior.  Are you asking about clients?

From the client end, we see 4-5% of connections on DHE [1].  Most of
those servers choose 1024-bit groups [2].

[1] Values in the 20s:
http://telemetry.mozilla.org/#filter=release%2F37%2FSSL_CIPHER_SUITE_FULL%2Fsaved_session%2FFirefox&aggregates=multiselect-all!Submissions&evoOver=Builds&locked=true&sanitize=true&renderhistogram=Graph
[2] Guess what means what here:
http://telemetry.mozilla.org/#filter=release%2F37%2FSSL_KEA_DHE_KEY_SIZE_FULL%2Fsaved_session%2FFirefox&aggregates=multiselect-all!Submissions&evoOver=Builds&locked=true&sanitize=true&renderhistogram=Graph