[TLS] I know TLS Device & Radio & BT protocol, For such things as mice & keyboards & Game-Pads, Could propose AES & PSK, Can you see ECDHE Being used ? maybe Preshare & seeded PSK is better, Can we make a protocol TLS for devices ?

Duke Abbaddon <duke.abbaddon@gmail.com> Mon, 06 February 2023 02:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/QBPcA3b5yACurxidVbr2AF0RRdo>

I know TLS Device & Radio & BT protocol, For such things as mice &
keyboards & Game-Pads, Could propose AES & PSK, Can you see ECDHE
Being used ? maybe Preshare & seeded PSK is better, Can we make a
protocol TLS for devices ?

Rupert S

Device Security CRT Initiations for URT, USB, Wireless & other Device
Interactions : (c)RS

A very good way to think about a mouse, Keyboard & device AES & Crypto
security is that a device needs to be in the certificate store,

Two reasons Hardware acceleration is OS Store & Security; The
device(computer) specifically requests all interactions with the CRT
with a level of privacy & security, By GUID Definition & identity;
Secondly limiting the function to parameters so it will not hack the
system..

So firstly the device certificate needs to interact with a store for a
temporary cert & therefore we need a device Certificate store that
contains the equivalent of the Secure client key in SHELL,

This does not need to worry us; But we need a store! if not the device
driver needs to initiate the system Store DL & AES Systems so that the
device is secured with a personal store & main key (probably
ECC-AES-'GCM<>FF3-1' )

Rupert S

https://science.n-helix.com/2022/08/jit-dongle.html

https://science.n-helix.com/2022/06/jit-compiler.html

https://is.gd/LEDSource
*****

((network server)Effectively Improves Phone & network SSL Connectivity
& thus +security) (good for telecommunications networks) (TLS) My
files are all verified by virustotal & are signed anyway!
https://is.gd/SecurityHSM https://is.gd/WebPKI

TLS Optimised https://drive.google.com/file/d/10XL19eGjxdCGj0tK8MULKlgWhHa9_5v9/view?usp=share_link

Ethernet Security
https://drive.google.com/file/d/18LNDcRSbqN7ubEzaO0pCsWaJHX68xCxf/view?usp=share_link

RS

*****

***********

(in comparison Poly & AES is quite good for 32Bit USB Mice
(small channel) Performance Evaluation Comparison LIGHTWEIGHT CIPHERS
NIST LightWeight Cryptography Requirements : RS

Lightweight Cryptography
https://www.cryptrec.go.jp/report/cryptrec-gl-2003-2016en.pdf
https://www.scitepress.org/papers/2014/49006/49006.pdf

Performance Evaluation Comparison LIGHTWEIGHT CIPHERS NIST LightWeight
Cryptography Requirements
https://scholarworks.calstate.edu/downloads/k0698968b

AES-NI Compatible Ciphers : AES, ARIA, CLEFIA
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-cipher-catalog-01#page-3

CLEFIA : Large size table, Pure function
https://datatracker.ietf.org/doc/html/rfc6114

ARIA : Random is a big+ to anonymity bit 128Bit's of data
https://datatracker.ietf.org/doc/html/rfc5794
ARIA is conformant
https://datatracker.ietf.org/doc/html/rfc6209
ARIA SRTP
https://datatracker.ietf.org/doc/html/rfc8269#page-14

************


AES-GCM-SIV: Nonce Misuse-Resistant Authenticated Encryption
https://datatracker.ietf.org/doc/rfc8452/

Adding the nonce to GMAC makes GMAC's unique : ICE-ssRTP
https://www.zerotier.com/2019/09/04/aes-gmac-ctr-siv/
https://www.rfc-editor.org/rfc/rfc5297#page-15

Correct Time : EEC Elliptic & Nonce timer function:

"The thing about random unique nonce with :dev/rng is that verifying
the nonce's uniqueness is an issue, with SSRTP nonce, Time intrinsics
allow only one play time https://datatracker.ietf.org/doc/rfc8954/

So what about if they have a reset phone & have not got the correct
time ? mine wouldn't do NTP until I set it to pools.ntp.org, the
telephone network would not change the time!"

So the nonce may need a seconds from arrival timer; So that it is from
the time it arrives (in your terms) & additionally a sent and arrival
time so that when you get the correct time; It still works!

In essence TLS & OCSP need a time from arrival (to verify
link/Security CRT), It does not matter if that NTP timer is off by 5
Minutes...

you can use the Time related EEC Elliptic curve & as long as it is
timed from arrival & sends back a sample with a from time & until...

That EEC Elliptic & Nonce will work.

RS

*****


https://science.n-helix.com/2022/03/ice-ssrtp.html

Code Speed
https://science.n-helix.com/2022/08/simd.html
https://science.n-helix.com/2022/09/ovccans.html

Chaos
https://science.n-helix.com/2022/02/interrupt-entropy.html
https://science.n-helix.com/2022/02/rdseed.html
https://science.n-helix.com/2020/06/cryptoseed.html

sRTP Chaos Nonce: Certificate transactions; TLS & OCSP Security Protocols
https://datatracker.ietf.org/doc/rfc8954/

RSA-PSS
RSASSA-PSS is a probabilistic signature scheme (PSS) with appendix
RSAES-OAEP (Optimal Asymmetric Encryption Padding)

https://www.cryptosys.net/pki/manpki/pki_rsaschemes.html
https://www.rfc-editor.org/rfc/rfc8017
https://www.rfc-editor.org/rfc/rfc5756

PSK:
Pre-Shared Key Cipher Suites for TLS with SHA-256/384 and AES Galois
Counter Mode
https://datatracker.ietf.org/doc/rfc5487/
https://datatracker.ietf.org/doc/rfc8442/
https://datatracker.ietf.org/doc/rfc9258/

Nonce & Plaintext, Token & SequenceID (Bearing in mind that ICE-SSRTP
Nonce is compatible)
https://www.ietf.org/id/draft-howard-gssapi-aead-01.txt

AES-GCM SRTP
https://datatracker.ietf.org/doc/rfc7714/
AES-CCM
https://datatracker.ietf.org/doc/rfc6655/

TLS 1.3 on Lightweight Crypto
https://eprint.iacr.org/2023/095.pdf

Computation of Hilbert class polynomials and modular polynomials from
super-singular elliptic curves
https://eprint.iacr.org/2023/064.pdf

Super-singular Elliptic Curves for ECDHE EEC PQC - Deuring for the
People - Supersingular Elliptic Curves with Prescribed Endomorphism
Ring in General Characteristic - 2023-106
https://eprint.iacr.org/2023/106.pdf

The Security of ChaCha20-Poly1305 in the Multi-user Setting
https://eprint.iacr.org/2023/085.pdf

Verification ECDHE
ECDHE Grotto, framework & C++ library for space- & time-efficient
-party piecewise polynomial 'i.e, spline' evaluation on secrets
additively shared over, Grotto improves on the state-of-the-art
approaches of DCF 2023-108
https://eprint.iacr.org/2023/108.pdf

Post Quantum:
Verification of Correctness and Security Properties for CRYSTALS-KYBER
https://eprint.iacr.org/2023/087.pdf

Verification of the (1–δ)-Correctness Proof of CRYSTALS-KYBER with
Number Theoretic Transform
https://eprint.iacr.org/2023/027.pdf

A Practical Template Attack on CRYSTALS-Dilithium
https://eprint.iacr.org/2023/050.pdf

NTRU, Kyber Hardware Acceleration - Gate-Level Masking of Streamlined
NTRU Prime Decapsulation in Hardware 2023-105
https://eprint.iacr.org/2023/105.pdf

Compact TLS 1.3
https://datatracker.ietf.org/doc/draft-ietf-tls-ctls/
DTLS 2023
https://datatracker.ietf.org/doc/draft-ietf-tsvwg-dtls-over-sctp-bis/
TLS 1.2
https://datatracker.ietf.org/doc/rfc5246/

https://datatracker.ietf.org/group/tls/about/
https://blog.cloudflare.com/post-quantum-for-all/

Network Time Protocol Version 4: Protocol and Algorithms Specification
https://datatracker.ietf.org/doc/rfc5905/

https://science.n-helix.com/2022/01/ntp.html

Securing TLS
https://is.gd/SecurityHSM
https://is.gd/WebPKI

Crypto Libraries
https://github.com/miracl/core
https://github.com/jedisct1/libsodium

About Circl library
https://github.com/cloudflare/circl
https://blog.cloudflare.com/inside-geo-key-manager-v2/

FPGA & ASIC Libraries
https://si2.org/open-cell-library/

Model & Create S-Box (AES & ARIA & CLEFIA S-Box Modeling)
AES & ARIA & CLEFIA S-Box Modeling - Advanced Crypto Algorithms -
Modeling for Large S-boxes Oriented to Differential Probabilities and
Linear Correlations (Long Paper) 2023-109
https://eprint.iacr.org/2023/109.pdf


*****

Good stuff for all networks nation wide, the software is certificate
signed & verified
When it comes to pure security, We are grateful
https://is.gd/SecurityHSM https://is.gd/WebPKI
TLS Optimised https://drive.google.com/file/d/10XL19eGjxdCGj0tK8MULKlgWhHa9_5v9/view?usp=share_link
Ethernet Security
https://drive.google.com/file/d/18LNDcRSbqN7ubEzaO0pCsWaJHX68xCxf/view?usp=share_link

These are the addresses directly of some good ones; DNS & NTP & PTP
2600:c05:3010:50:47::1 2607:fca8:b000:1::3 2607:fca8:b000:1::4
2a06:98c1:54::c12b 142.202.190.19 172.64.36.1 172.64.36.2 38.17.55.196
38.17.55.111