IETF Logo Mail Archive

Re: [TLS] ECDH_anon

Martin Thomson <martin.thomson@gmail.com> Wed, 27 January 2016 17:47 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7243A1AD0BB for <tls@ietfa.amsl.com>; Wed, 27 Jan 2016 09:47:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zoadNabEUf4p for <tls@ietfa.amsl.com>; Wed, 27 Jan 2016 09:47:40 -0800 (PST)
Received: from mail-ig0-x22d.google.com (mail-ig0-x22d.google.com [IPv6:2607:f8b0:4001:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C89831AD0B9 for <tls@ietf.org>; Wed, 27 Jan 2016 09:47:39 -0800 (PST)
Received: by mail-ig0-x22d.google.com with SMTP id h5so16866807igh.0 for <tls@ietf.org>; Wed, 27 Jan 2016 09:47:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=EQDAOuwK94IUtuA9ttn/btVTU+SDVpcuqpCveZ4eqiE=; b=QRiZNT8NhHkie3wKSabjKRT1T5/i8lwLIDeucOm+7mtBuyDwEhHcdFnm2NOUA5Cud1 xb6XDE4686Q2kO2uK8Iekrrw/RvNN77IdVVXqkPQ9CKLRVw/sATdSzGYYUuISV8Ptlsx RbC8LbdaYxyrgKkEtn4++YX3Ngz2MgDR9OqpFLiyNMU8X7NoIhVeWgvhaH9LqWvH6hH7 2/oXOHoDamkv78n9CKt7G2vlIBwRzXfcUqr96722WVQdLvrY2tT9YRUVMxSDrYgpToTj wCVx07hEXG6u+BEAvUBbVUcqwTTqAxtr71ttXoeKOZbxSubhjyJaWL3EdRD7m6opan9Z E/cg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=EQDAOuwK94IUtuA9ttn/btVTU+SDVpcuqpCveZ4eqiE=; b=MT0s3PsfYECo/8Zlbrc3IGPnZkNUbQKYHa2bujlzRMemNDObF+gIN+MbQoIwoFfaXF T+eccxDf5v+q6XkL7lxVBpS72bIwd/vzPBMF1+THzA/Xzmdz6udcmLWMqsrPrLXGfnuv jhRfqgnIuI4VW+6QOgmF6uJhS9Oq6jstkDUMV8iZXgkYLogTbpZyVSZK8fs55/64/YJm IuudqRZDBdzr6S+Jd74i6FkwLjIzYPUAov54BYpRHjkDqZvJFUegwF0ACw2gW2G+JuiT 6+8WAOdmUCyvR/GqwNrFtjm2cgrHeaVOatrJv5cFqc7cX9/3S4ue/4x4CnYIpd5+1AyA rnIg==
X-Gm-Message-State: AG10YOQRzPFTglVZLGCYGCwT6iSLj9pdWQbVd7yUQaH5Cdrehw0DSEcXhr6Bo4QXHF/cv9PKCqhrw5zyjYoeuQ==
MIME-Version: 1.0
X-Received: by 10.50.66.179 with SMTP id g19mr32197294igt.94.1453916859110; Wed, 27 Jan 2016 09:47:39 -0800 (PST)
Received: by 10.36.149.130 with HTTP; Wed, 27 Jan 2016 09:47:39 -0800 (PST)
In-Reply-To: <20160127151803.17788998.50067.47728@ll.mit.edu>
References: <20160127151803.17788998.50067.47728@ll.mit.edu>
Date: Thu, 28 Jan 2016 04:47:39 +1100
Message-ID: <CABkgnnUV68bYxQwk6Wk_8+YmBBi9EnzGEU4EGaMOSv7VAmpfiQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/hGBu1hqBleONunuvQcv5w1SqjgA>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] ECDH_anon
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Jan 2016 17:47:41 -0000

On 28 January 2016 at 02:17, Blumenthal, Uri - 0553 - MITLL
<uri@ll.mit.edu> wrote:
> Anon  ‎!= Ephemeral, despite some similarities.

>From a protocol perspective, they are the same.  The distinction at
the protocol level between ECDH_RSA (for example) and ECDH_anon is
that ECDH_anon requires a ServerKeyShare message in the same way that
ECDHE_RSA does.

I agree that Nikos' point is a good one, but we've implementations of
ECDHE_ that provide a stable value for their ephemeral key
(unfortunately, that's the default mode in NSS).

v2.23.0 | Report a Bug | By Email