Re: [TLS] TLS 1.3 Recommended ECC curve for 192-bit security

Michał Staruch <msta@cinkciarz.pl> Mon, 12 October 2015 09:34 UTC


We already have "SHOULD support key exchange with X25519" in this section,
so people implementing it should have no problems with adopting X448
<https://tools.ietf.org/html/draft-irtf-cfrg-curves-10#section-6.2> to
achieve ~224-bit security where it's needed (and better performance than
P-384).

On Mon, Oct 12, 2015 at 11:01 AM, John Mattsson <john.mattsson@ericsson.com>
wrote:

> I think the selection of MTI Cipher Suites (Section 8.1 of
> draft-ietf-tls-tls13-09) is excellent, but I am missing a recommended ECC
> curve for the “SHOULD” cipher suites. Little benefit of using AES-256 with
> P-256 or curve25519. Shouldn’t there be a SHOULD implement ECC curve giving
> at least 192-bit security? E.g.
>
> "These cipher suites SHOULD support both digital signatures and key
> exchange with secp384r1 (NIST P-384)."
>
> Cheers,
> John


-- 

Pozdrawiam | Best Regards

Michał Staruch | Information Security Officer
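
The point above about X25519 implementers adopting X448, as an added example (not part of the original message or of any TLS implementation): one Montgomery ladder following RFC 7748, the published form of the linked CFRG draft, serves both functions, with only the curve constants and scalar clamping differing. The function names are this example's own, and Python integers are not constant-time, so it is for study rather than deployment.

```python
import os

# RFC 7748 parameters: field prime p, a24 = (A - 2) / 4, scalar bits, base u.
CURVES = {
    "x25519": dict(p=2**255 - 19, a24=121665, bits=255, size=32, base=9),
    "x448": dict(p=2**448 - 2**224 - 1, a24=39081, bits=448, size=56, base=5),
}

def _clamp(name, raw):
    k = bytearray(raw)
    if name == "x25519":
        k[0] &= 248
        k[31] = (k[31] & 127) | 64
    else:
        k[0] &= 252
        k[55] |= 128
    return int.from_bytes(k, "little")

def scalar_mult(name, scalar, u_bytes):
    """Montgomery ladder; illustrative only, Python ints are not constant-time."""
    c = CURVES[name]
    p, a24, bits = c["p"], c["a24"], c["bits"]
    if len(scalar) != c["size"] or len(u_bytes) != c["size"]:
        raise ValueError("wrong key length for " + name)
    k = _clamp(name, scalar)
    # X25519 ignores the unused top bit of u; X448 uses all 448 bits.
    x1 = (int.from_bytes(u_bytes, "little") & ((1 << bits) - 1)) % p
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(bits)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, z2, x3, z3 = x3, z3, x2, z2
        swap = bit
        a, b = (x2 + z2) % p, (x2 - z2) % p
        aa, bb = a * a % p, b * b % p
        e = (aa - bb) % p
        da, cb = (x3 - z3) * a % p, (x3 + z3) * b % p
        x3, z3 = (da + cb) ** 2 % p, x1 * (da - cb) ** 2 % p
        x2, z2 = aa * bb % p, e * (aa + a24 * e) % p
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, p - 2, p) % p).to_bytes(c["size"], "little")

def keypair(name):
    c = CURVES[name]
    priv = os.urandom(c["size"])
    return priv, scalar_mult(name, priv, c["base"].to_bytes(c["size"], "little"))

def shared_secret(name, priv, peer_pub):
    secret = scalar_mult(name, priv, peer_pub)
    if not any(secret):  # low-order peer value: abort instead of using zeros
        raise ValueError("all-zero shared secret")
    return secret
```

The all-zero check in `shared_secret` is the one RFC 7748 says implementations may perform; it rejects a peer value that would force a predictable shared secret.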