Re: [TLS] Negotiated Discrete Log DHE revision

Michael D'Errico <mike-list@pobox.com> Tue, 08 April 2014 17:22 UTC

Message-ID: <5344303C.2050607@pobox.com>
Date: Tue, 08 Apr 2014 10:22:04 -0700
From: Michael D'Errico <mike-list@pobox.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
References: <AD51D38F-2CFE-4277-854D-C0E56292A336@cisco.com> <20140326211219.27D281AC7D@ld9781.wdf.sap.corp> <20140327095527.5335c7fa@hboeck.de> <533622F3.2090406@fifthhorseman.net> <87eh18xtrl.fsf@alice.fifthhorseman.net> <53442983.1030703@pobox.com>
In-Reply-To: <53442983.1030703@pobox.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/glkk3djX26JOrb5KcO_L1sqZr-Q
Cc: tls@ietf.org
Subject: Re: [TLS] Negotiated Discrete Log DHE revision

Also, I'm curious why "e" is chosen for constructing these primes.  Since
the natural log of e is 1, doesn't it seem like a bad idea to stick a bunch
of bits of e in a prime where the security is based on logarithms?

Mike



Michael D'Errico wrote:
> There is already a list of DH groups managed by the IANA for IKE that was
> established by RFC 2409 and includes the MODP groups from RFC 3526 plus
> others.  Why not just use this existing registry and add your new e-based
> groups to it?
> 
> Mike
> 
> 
> 
> Daniel Kahn Gillmor wrote:
>> On Fri 2014-03-28 21:33:39 -0400, Daniel Kahn Gillmor 
>> <dkg@fifthhorseman.net> wrote:
>>> I've submitted an initial stab at a proposal for negotiated discrete log
>>> diffie-hellman ciphersuites:
>>>
>>>  http://tools.ietf.org/html/draft-gillmor-tls-negotiated-dl-dhe-00
>>
>> Thanks to feedback from Watson Ladd and Samuel Neves over on the CFRG,
>> i've updated the named groups in the above draft.
>>
>> I've also done another pass over the text:
>>
>>   https://tools.ietf.org/html/draft-gillmor-tls-negotiated-dl-dhe-01
>>
>> Comments, questions and critiques welcome.
>>
>>     --dkg