Re: [TLS] draft-sheffer-tls-bcp: DH recommendations

Peter Gutmann <pgut001@cs.auckland.ac.nz> Thu, 19 September 2013 09:56 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD58B21F9425 for <tls@ietfa.amsl.com>; Thu, 19 Sep 2013 02:56:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.224
X-Spam-Level:
X-Spam-Status: No, score=-2.224 tagged_above=-999 required=5 tests=[AWL=-0.375, BAYES_00=-2.599, SARE_OBFU_ALL=0.751]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4B7LT36pnRVQ for <tls@ietfa.amsl.com>; Thu, 19 Sep 2013 02:56:15 -0700 (PDT)
Received: from mx2.auckland.ac.nz (mx2.auckland.ac.nz [130.216.125.245]) by ietfa.amsl.com (Postfix) with ESMTP id 507DA21F93E1 for <tls@ietf.org>; Thu, 19 Sep 2013 02:56:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=uoa; t=1379584576; x=1411120576; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=b65qJ9MVti7gQETg4cf9MLQMBauZw4gdxfnFbnldZZg=; b=puj/e1eycUefNboPFVFfRRzp4GXzE5A2yTmTtlOv+d457xX9ZjbfCnBP pN/MrJsLz6+0jwFncCc0U/nLsYzZ+DWtJLdNlJNgE3nQSJoyYkAgrzC1a Hf8PK+pvyyOPKaxKWWH/wZ9InY13VFEBB7SXz9mU8opz93Xcx5gAkou/p M=;
X-IronPort-AV: E=Sophos;i="4.90,936,1371038400"; d="scan'208";a="213036194"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 130.216.4.106 - Outgoing - Outgoing
Received: from uxchange10-fe2.uoa.auckland.ac.nz ([130.216.4.106]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES128-SHA; 19 Sep 2013 21:56:14 +1200
Received: from UXCN10-6.UoA.auckland.ac.nz ([169.254.10.158]) by uxchange10-fe2.UoA.auckland.ac.nz ([130.216.4.106]) with mapi id 14.02.0318.004; Thu, 19 Sep 2013 21:56:13 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: "TLS@ietf.org (tls@ietf.org)" <tls@ietf.org>
Thread-Topic: [TLS] draft-sheffer-tls-bcp: DH recommendations
Thread-Index: Ac61HnofVs3kv5NUTXSs0s2pfqNT8w==
Date: Thu, 19 Sep 2013 09:56:14 +0000
Message-ID: <9A043F3CF02CD34C8E74AC1594475C735567407D@uxcn10-6.UoA.auckland.ac.nz>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [TLS] draft-sheffer-tls-bcp: DH recommendations
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Sep 2013 09:56:20 -0000

"Blumenthal, Uri - 0558 - MITLL" <uri@ll.mit.edu> writes:

>I personally think that for *ephemeral* DH even 1024 bits still is enough.
>And would *much* prefer having PFS now with individual session keys at
>somewhat greater risk, over a system that is very secure and completely
>useless because nobody bothered to deploy it.

Exactly.  We don't need theoretically perfect security in ten years when we've
finished arguing about it and have upgraded every system on the planet to
support it, we just need good enough right now.  That's DH-1024, and when we
have that turned on everywhere we've got some breathing space to worry about
what to do next.

Peter.