Re: [TLS] STRAW POLL: Size of the Minimum FF DHE group
Nikos Mavrogiannopoulos <nmav@redhat.com> Tue, 04 November 2014 19:14 UTC

----- Original Message -----
[...]
> Background: Regardless of whether you agree with what follows or not, the
> following has been put forward as the rationale. We don’t need comments on
> the rationale, we’re just providing it for background.
>
> 1) 3DES has a 112-bit work factor and is still considered acceptable in TLS
> 1.2 and the DLOG keying material shouldn’t be any weaker than the symmetric
> cipher.
>
> 2) There is some disagreement about the work factor for the DLOG keys - e.g.,
> NIST says 112-bit work factor correlates to 2048-bit DLOG keys but ECRYPT-II
> says 112-bit work factor correlates to 2432-bit DLOG keys (see references in
> draft).
>
> 3) The other point made about 2048-bit DLOG is that it’s a power of 2 and
> there’s parity with the public key sizes.

I vote for 2432. Since we have two conflicting pieces of advice (NIST and ECRYPT), IMO the best is to go with the most conservative one (especially given that this draft is going to be fully deployed years from now).

regards,
Nikos