[TLS] Comments on tales from the TLS interim: TLS 1.3 MTI algorithms

KATO Akihiro <kato.akihiro@po.ntts.co.jp> Mon, 23 March 2015 18:39 UTC

Message-ID: <551059B3.1020604@po.ntts.co.jp>
Date: Tue, 24 Mar 2015 03:21:39 +0900
From: KATO Akihiro <kato.akihiro@po.ntts.co.jp>
To: "tls@ietf.org" <tls@ietf.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/xp20sXGARDQDxwqv_Ynmka2jdt8>
Subject: [TLS] Comments on tales from the TLS interim: TLS 1.3 MTI algorithms
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

Hi All.

I will comment on TLS 1.3 MTI. I'm holding the following points of view.

(a) Single points of failure are to be avoided,
(b) If possible, a backup algorithm suitable for low-spec systems,
(c) A second point algorithm developed from a different concept.

> o Symmetric:
>     MUST AES-GCM 128
>     [SHOULD ChaCha20-Poly1305]

I have no objection to AES-GCM being a MUST. Protocols using DTLS (e.g.
CoAP) cannot be deployed with ChaCha20, which is not a second point cipher
for AES. MTI will have a second point block cipher using CCM.

> o Hash:
>     MUST SHA-256

MTI will have another algorithm, but we do not have a candidate.

> o Signature:
>     MUST ECDSA P-256
>     MUST RSA
     MUST ECDSA P-256
     SHOULD RSA

From point of view (b), I will hold ECDSA P-256. RSA moves to SHOULD.

Regards.