[TLS] security levels for TLS
"Nikos Mavrogiannopoulos" <nmav@gnutls.org> Mon, 08 October 2007 13:22 UTC
Message-ID: <c331d99a0710080621g7c0ec91et35c46553c23f4402@mail.gmail.com>
Date: Mon, 08 Oct 2007 16:21:42 +0300
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
To: tls@lists.ietf.org
Hello,

It seems that in TLS the security level of a connection relies on several factors, including the ciphersuite. In certificate authentication the certificate also plays a large part in the security, especially its public key, plus the signer's public key. This is neither visible nor understandable in everyday work with TLS by typical users. For example, a browser connection to a site with a 512-bit RSA key that negotiated a 128-bit ciphersuite will not differ from a connection with a 2048-bit RSA key and the same ciphersuite, with regard to visible user data. This makes it difficult for users to judge the security level of the connection, and one must never assume that a user would understand what a 512-bit RSA key means.

For this reason I think using some form of uniform security levels to indicate TLS security would be useful in end-applications. Those levels could be defined in steps (as in [0]), based on objective information: the key sizes in the certificates, the DHE prime and generator sizes (if applicable), the MAC output size of the ciphersuite, as well as the key size of the cipher. Then the security level could be printed either as a number (70 bits of security) or as "weak, low, medium, high" based on some definitions of these terms...

I could make it more detailed if there is some interest. What do you think?

regards,
Nikos

[0]. "Practical Cryptography", Ferguson, Schneier
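The following is an added example, not part of the message above or of any GnuTLS or IETF code, showing how the proposed "weakest component" level could be computed from the parameters Nikos lists (certificate and signer key sizes, DHE prime size, MAC output size, cipher key size). The RSA/DH modulus-to-strength steps are taken from NIST SP 800-57 Part 1 rather than from the cited book, the MAC tag length is used directly as that component's bound (a simplification), and the weak/low/medium/high thresholds, the `ConnectionParams` names and the sample connections are constructed for illustration.

```python
"""Constructed example: reduce a TLS connection's parameters to one security
level, as proposed on the list. Not GnuTLS code; thresholds are assumptions."""
from dataclasses import dataclass
from typing import Optional

# NIST SP 800-57 Part 1 comparable-strength steps for RSA and finite-field DH
# moduli: (modulus bits, symmetric-equivalent security bits), largest first.
_MODULUS_STRENGTH = ((15360, 256), (7680, 192), (3072, 128), (2048, 112), (1024, 80))


def modulus_strength(bits: int) -> Optional[int]:
    """Map an RSA or DH modulus size to security bits.

    Returns None for moduli below 1024 bits: the table does not quantify them,
    it only places them below 80 bits (a 512-bit RSA key lands here)."""
    for modulus, strength in _MODULUS_STRENGTH:
        if bits >= modulus:
            return strength
    return None


@dataclass
class ConnectionParams:
    cert_key_bits: int                    # RSA modulus of the server certificate
    signer_key_bits: int                  # RSA modulus of the key that signed it
    cipher_key_bits: int                  # effective cipher strength (128 for AES-128, 112 for 3DES)
    mac_output_bits: int                  # MAC tag length (160 for HMAC-SHA1, 128 for HMAC-MD5)
    dhe_prime_bits: Optional[int] = None  # DHE prime size, None when the exchange is plain RSA


def security_bits(p: ConnectionParams) -> Optional[int]:
    """Overall strength is the weakest component.

    None means at least one component is below the lowest quantified step,
    so the connection cannot honestly be given a number at all."""
    components = [
        modulus_strength(p.cert_key_bits),
        modulus_strength(p.signer_key_bits),
        p.cipher_key_bits,
        p.mac_output_bits,  # simplification: tag length as the MAC bound
    ]
    if p.dhe_prime_bits is not None:
        components.append(modulus_strength(p.dhe_prime_bits))
    if any(c is None for c in components):
        return None
    return min(components)


def security_label(bits: Optional[int]) -> str:
    """Constructed step thresholds for a 'weak, low, medium, high' display."""
    if bits is None or bits < 80:
        return "weak"
    if bits < 112:
        return "low"
    if bits < 128:
        return "medium"
    return "high"


def describe(p: ConnectionParams) -> str:
    """Human-readable form of both proposed displays (number and word)."""
    bits = security_bits(p)
    if bits is None:
        return "below 80 bits of security (weak)"
    return f"{bits} bits of security ({security_label(bits)})"


if __name__ == "__main__":
    # Constructed sample connections: the message's 512-bit vs 2048-bit case,
    # both with a 128-bit cipher and HMAC-SHA1.
    samples = {
        "512-bit RSA, AES-128, HMAC-SHA1": ConnectionParams(512, 2048, 128, 160),
        "2048-bit RSA, AES-128, HMAC-SHA1": ConnectionParams(2048, 2048, 128, 160),
        "2048-bit RSA, DHE-1024, AES-128": ConnectionParams(2048, 2048, 128, 160, 1024),
        "3072-bit RSA, AES-256, HMAC-SHA256": ConnectionParams(3072, 3072, 256, 256),
    }
    for name, params in samples.items():
        print(f"{name}: {describe(params)}")
```

The two connections from the message that look identical to the user come out as "below 80 bits (weak)" and "112 bits (medium)"; the DHE case shows why the ephemeral prime has to be included, since a 1024-bit DHE prime drags an otherwise 112-bit connection down to 80 bits.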