Re: [TLS] OPTLS: Signature-less TLS 1.3

Peter Gutmann <pgut001@cs.auckland.ac.nz> Mon, 03 November 2014 18:00 UTC

To: "<tls@ietf.org>" <tls@ietf.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/wdsl-GZpLXJBk87NPO820jPHfqI

Hanno Böck <hanno@hboeck.de> writes:

>I recently changed my servers from ntpd to tlsdated. That's probably what
>everyone should do. (this still leaves open the question whom you trust for
>your timesource - but it's certainly an improvement over insecure ntp)

See my recent post to the SAAG list where this is also being discussed; this
hack already doesn't work for some TLS servers and won't work at all in the
future when the nonce is just 32 random bytes.

(Also, if everyone is trusting some TLS server as their time source then all
you need to do is spoof that server's NTP source and you've spoofed the time
for every client that relies on it).

Peter.
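
Added example (not part of the original message, and not tlsdate's code): in TLS 1.2 and earlier the 32-byte ServerHello Random begins with a 4-byte gmt_unix_time, which is the field a time-from-TLS client reads. The sketch below parses a constructed ServerHello and shows that field going away once the nonce is 32 random bytes; REFERENCE, MAX_SKEW, the sample records and all function names are assumptions made for illustration.

```python
import struct

REFERENCE = 1415037633   # constructed: coarse local estimate of "now" (assumption)
MAX_SKEW = 86400         # assumption: accept server times within one day of it

def build_server_hello(random32: bytes) -> bytes:
    """Constructed minimal TLS 1.2 ServerHello record, used as sample input."""
    if len(random32) != 32:
        raise ValueError("Random must be 32 bytes")
    # version 3.3, Random, empty session id, one cipher suite, null compression
    body = b"\x03\x03" + random32 + b"\x00" + b"\xc0\x2f" + b"\x00"
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + len(handshake).to_bytes(2, "big") + handshake

def server_random(record: bytes) -> bytes:
    """Return the 32-byte Random from a ServerHello record, with bounds checks."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    handshake = record[5:5 + int.from_bytes(record[3:5], "big")]
    if len(handshake) < 4 + 2 + 32 or handshake[0] != 0x02:
        raise ValueError("truncated or not a ServerHello")
    return handshake[6:38]

def time_from_random(random32: bytes, reference: int = REFERENCE):
    """Read bytes 0..3 as big-endian Unix time; None if outside the window."""
    (claimed,) = struct.unpack(">I", random32[:4])
    return claimed if abs(claimed - reference) <= MAX_SKEW else None

# Constructed samples: a legacy-style Random (timestamp + 28 bytes) and a
# fully random one, fixed here so the result is reproducible.
LEGACY_RANDOM = struct.pack(">I", REFERENCE + 2) + bytes(range(28))
FULL_RANDOM = bytes.fromhex("d31a7705" + "5c" * 28)

if __name__ == "__main__":
    for name, rnd in (("legacy", LEGACY_RANDOM), ("random", FULL_RANDOM)):
        print(name, time_from_random(server_random(build_server_hello(rnd))))
```

The window check only rejects implausible values: with a one-day skew, a fully random nonce still lands inside it roughly 1 time in 25,000, and a plausible value says nothing about where the server got its own clock.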