IETF Logo Mail Archive

Re: [TLS] Support of integrity only cipher suites in TLS 1.3

"Fries, Steffen" <steffen.fries@siemens.com> Thu, 06 April 2017 08:27 UTC

Return-Path: <steffen.fries@siemens.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06A961292FD for <tls@ietfa.amsl.com>; Thu, 6 Apr 2017 01:27:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.919
X-Spam-Level:
X-Spam-Status: No, score=-6.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SAnzp6Klo3_N for <tls@ietfa.amsl.com>; Thu, 6 Apr 2017 01:27:10 -0700 (PDT)
Received: from goliath.siemens.de (goliath.siemens.de [192.35.17.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A48A12940B for <tls@ietf.org>; Thu, 6 Apr 2017 01:27:09 -0700 (PDT)
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by goliath.siemens.de (8.15.2/8.15.2) with ESMTPS id v368R2B5007092 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 6 Apr 2017 10:27:02 +0200
Received: from DEFTHW99ERNMSX.ww902.siemens.net (defthw99ernmsx.ww902.siemens.net [139.22.70.141]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTPS id v368R2Jd007656 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 6 Apr 2017 10:27:02 +0200
Received: from DENBGAT9ERHMSX.ww902.siemens.net (139.22.70.143) by DEFTHW99ERNMSX.ww902.siemens.net (139.22.70.141) with Microsoft SMTP Server (TLS) id 14.3.339.0; Thu, 6 Apr 2017 10:27:02 +0200
Received: from DENBGAT9EH2MSX.ww902.siemens.net ([169.254.6.223]) by DENBGAT9ERHMSX.ww902.siemens.net ([139.22.70.143]) with mapi id 14.03.0339.000; Thu, 6 Apr 2017 10:27:01 +0200
From: "Fries, Steffen" <steffen.fries@siemens.com>
To: "Salz, Rich" <rsalz@akamai.com>, Hanno Böck <hanno@hboeck.de>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Support of integrity only cipher suites in TLS 1.3
Thread-Index: AdKsldO7ZRItAwyZRXCzcLu6YsWN5QAtyDcAADhSsSD//+J2gP/+5Ogg
Date: Thu, 06 Apr 2017 08:27:00 +0000
Message-ID: <E6C9F0E527F94F4692731382340B337847FB32@DENBGAT9EH2MSX.ww902.siemens.net>
References: <E6C9F0E527F94F4692731382340B337847DB9A@DENBGAT9EH2MSX.ww902.siemens.net> <20170404180838.08ca99cc@pc1> <E6C9F0E527F94F4692731382340B337847F4BE@DENBGAT9EH2MSX.ww902.siemens.net> <6ebe1d10b1e8447999f5db2311ec6197@usma1ex-dag1mb1.msg.corp.akamai.com>
In-Reply-To: <6ebe1d10b1e8447999f5db2311ec6197@usma1ex-dag1mb1.msg.corp.akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [139.22.70.13]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jp2hEtmfKacnCoODsIJUFC2CEtw>
Subject: Re: [TLS] Support of integrity only cipher suites in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Apr 2017 08:27:12 -0000

Yes, sticking to TLS 1.2 is an option. On the other hand the equipment in scenarios like energy automation is used for a very long time. TLS is used here to secure the communication between specific devices. Besides that, it is also used to allow access for, e.g., service technicians  via web based management on the same devices. One concern is that once in a while the support for TLS 1.2, e.g., in common browsers will run out and the devices need to be upgraded to support different versions of TLS to cope with different security policies. But well, this is likely to be the fate for every long lasting equipment. 

The other point is that for NULL cipher suites that work with elliptic curves no SHA 256 suite is defined. There is just one with RSA. In several use cases there ECDSA is preferred over RSA also due to the required increasing key length and the connected computational load on the devices.

best regards
Steffen

 
-----Original Message-----
From: Salz, Rich [mailto:rsalz@akamai.com] 
Sent: Mittwoch, 5. April 2017 19:16
To: Fries, Steffen (CT RDA ITS); Hanno Böck; tls@ietf.org
Subject: RE: [TLS] Support of integrity only cipher suites in TLS 1.3

Do you have a compelling need for TLS 1.3 as opposed to earlier versions which do have null encryption?

v2.23.0 | Report a Bug | By Email