Re: [TLS] Include Speck block cipher?

Mike Hamburg <mike@shiftleft.org> Fri, 18 March 2016 01:37 UTC

Return-Path: <mike@shiftleft.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0185D12DEAC for <tls@ietfa.amsl.com>; Thu, 17 Mar 2016 18:37:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.019
X-Spam-Level:
X-Spam-Status: No, score=-1.019 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RDNS_DYNAMIC=0.982, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=shiftleft.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8Aa14_M-UdA0 for <tls@ietfa.amsl.com>; Thu, 17 Mar 2016 18:37:26 -0700 (PDT)
Received: from astral.shiftleft.org (192-195-80-246.PUBLIC.monkeybrains.net [192.195.80.246]) by ietfa.amsl.com (Postfix) with ESMTP id 62F1612DE9D for <tls@ietf.org>; Thu, 17 Mar 2016 18:37:26 -0700 (PDT)
Received: from [10.184.148.249] (unknown [209.36.6.242]) (Authenticated sender: mike) by astral.shiftleft.org (Postfix) with ESMTPSA id 1EF239FFEE; Thu, 17 Mar 2016 18:37:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=shiftleft.org; s=sldo; t=1458265046; bh=Cvn3A6xDB0JgebAIeMe9pUYFIK+q9EtCnIV62h8F0B8=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=Q5cAl6qwdAfy21k7vugaSkTJ9O/RXcD6GiDPBjPTx8cwYLtt8MUO2fZpQhHuMiHRn 2bSzdgyO2NQdTaubkXH1lyKZTBRR3tgfJAJg1DMAOlOwca3uCZRarH9LRn1PVdyvnz J/SzbFVqOLs8QCOaxOMw2V8UWw9NYYYRuntBNGns=
Content-Type: multipart/alternative; boundary="Apple-Mail=_CB7D29C0-BE7D-4E38-AFC7-B8F7F8DA8D50"
Mime-Version: 1.0 (Mac OS X Mail 9.2 \(3112\))
From: Mike Hamburg <mike@shiftleft.org>
In-Reply-To: <CADBJ=uRVC_2ttFXcdgTRamQkrL=EL3hJ7z1xmTGcW_dX01FhZw@mail.gmail.com>
Date: Thu, 17 Mar 2016 18:37:25 -0700
Message-Id: <98D69E40-44F4-4BA0-83F6-1B804B4AABB7@shiftleft.org>
References: <CADBJ=uRVC_2ttFXcdgTRamQkrL=EL3hJ7z1xmTGcW_dX01FhZw@mail.gmail.com>
To: Efthymios Iosifides <iosifidise@gmail.com>
X-Mailer: Apple Mail (2.3112)
X-Virus-Scanned: clamav-milter 0.98.7 at astral
X-Virus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/aTZ8jK9aptIESIqPRIgxVa8b-tA>
Cc: klimn@di.uoa.gr, tls@ietf.org
Subject: Re: [TLS] Include Speck block cipher?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Mar 2016 01:37:28 -0000

No.  The goal should be to remove ciphers, not add new ones, unless we have a really compelling reason.  Short source code is not a compelling reason in a protocol so complicated as TLS.

Cheers,
— Mike

> On Mar 16, 2016, at 11:35 PM, Efthymios Iosifides <iosifidise@gmail.com>; wrote:
> 
> Hello all.
> 
> I have just found on the ietf archives an email discussion about the inclusion of the SPECK Cipher 
> in the tls standards. 
> It's reference is below :https://www.ietf.org/mail-archive/web/tls/current/msg13824.html <https://www.ietf.org/mail-archive/web/tls/current/msg13824.html>
> 
> Even though that this cipher originates from the NSA one cannot find a whitepaper that describes it's full cryptanalysis. In the above discussion Mr. Strömbergson somehow perfunctorily presents two whitepapers that describe the SPECK's cryptanalysis. Although we shall keep in mind that these papers describe a limited round cryptanalysis. Also we shall not forget that a similar cryptanalysis has taken place for the famous AES. Therefore i personally do not see any actual arguments apart from the facts that concerns the algorithm's  provenance for not including it in a future tls specification. In conclusion even by this day the SPECK cipher has not been yet fully cryptanalyzed succesfully. 
> 
> Thank you!
> 
> 
> Yours sincerely,
> Efthimios Iosifides 
> 
> 
> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls