[TLS] Re-use and export of DH shares

Yoav Nir <ynir.ietf@gmail.com> Sun, 20 November 2016 10:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/TQ7rEVm5j6mTFLueI0bQvYe8BDA>

Hi.

I’ve created a PR for TLS 1.3:
https://github.com/tlswg/tls13-spec/pull/768

It adds a subsection to the Security Considerations section. It discusses key reuse (do it carefully or do it not).
It has the "don't do this or this grape juice might ferment" weasel words suggested by someone at the meeting.

Yoav