Re: [Tm-rid] Some updates and work on HHITs
Robert Moskowitz <rgm@labs.htt-consult.com> Thu, 22 August 2019 00:18 UTC
Return-Path: <rgm@labs.htt-consult.com>
X-Original-To: tm-rid@ietfa.amsl.com
Delivered-To: tm-rid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07E781201E5 for <tm-rid@ietfa.amsl.com>; Wed, 21 Aug 2019 17:18:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Geu0XgvBmTGT for <tm-rid@ietfa.amsl.com>; Wed, 21 Aug 2019 17:18:46 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D81C0120827 for <tm-rid@ietf.org>; Wed, 21 Aug 2019 17:18:46 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 5A2B262110; Wed, 21 Aug 2019 20:18:45 -0400 (EDT)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id XMuTxLCCn4yp; Wed, 21 Aug 2019 20:18:42 -0400 (EDT)
Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id A39AF6210F; Wed, 21 Aug 2019 20:18:39 -0400 (EDT)
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: "Wiethuechter, Adam" <adam.wiethuechter@axenterprize.com>, "tm-rid@ietf.org" <tm-rid@ietf.org>
References: <d04d866c-24cc-eb6c-219f-9eb511160a87@labs.htt-consult.com> <CA+r8TqX52fyPpRBW6=UnnqV19qtSPc9u5gqAs7YoeKhz2aY67w@mail.gmail.com> <CA+r8TqWZmGJGhJjreNfC+k8GwmDPF7Ds+LguJbwtuRRvc2Lkow@mail.gmail.com> <93528895-aacb-d9cc-ea4d-0c8661ea17f7@labs.htt-consult.com> <20057.1566430537@dooku.sandelman.ca>
From: Robert Moskowitz <rgm@labs.htt-consult.com>
Message-ID: <f7a1c90c-fc79-5ab1-07bb-c7affb1b5719@labs.htt-consult.com>
Date: Wed, 21 Aug 2019 20:18:32 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <20057.1566430537@dooku.sandelman.ca>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/H38MLEKRjJs5jzCkPT7F-W5Ltx4>
Subject: Re: [Tm-rid] Some updates and work on HHITs
X-BeenThere: tm-rid@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Trustworthy Multipurpose RemoteID <tm-rid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tm-rid/>
List-Post: <mailto:tm-rid@ietf.org>
List-Help: <mailto:tm-rid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Aug 2019 00:18:57 -0000
On 8/21/19 7:35 PM, Michael Richardson wrote: > > Attached is the latest version of the HHIT generation script > > (2019.08a13) along with a script to search for duplicate HITs/HHITs > > when a data set is generated. > > Robert Moskowitz <rgm@labs.htt-consult.com> wrote: > > Per the collision formula, the probability of collision of 1M in a > > potential population of 2^64 is: > > > 2.7x10^-6 % > > > That is basically a zero probability. IF you had collisions then I > > would be suspicious of some underlying assumption. > > I don't really understand the operational need to generate a set of millions > of HHITs. The assumption is that the risk of collisions is so small that it will be rare that a device will have to create a new keypair and resultant HHITs to register. This question WILL come up in discussions with those not conversant in the underlying math. So to actually run through creating that many keypairs and showing no collisions is a worthwhile endeavor. Of course it does not address bad RND functions that create the same keypairs across different systems as referenced in the draft's security considerations https://factorable.net/weakkeys12.extended.pdf It is not operational. It is proof in trust that a system can be designed like this.
- [Tm-rid] Some updates and work on HHITs Robert Moskowitz
- Re: [Tm-rid] Some updates and work on HHITs Wiethuechter, Adam
- Re: [Tm-rid] Some updates and work on HHITs Wiethuechter, Adam
- Re: [Tm-rid] Some updates and work on HHITs Robert Moskowitz
- Re: [Tm-rid] Some updates and work on HHITs Michael Richardson
- Re: [Tm-rid] Some updates and work on HHITs Robert Moskowitz
- Re: [Tm-rid] Some updates and work on HHITs Michael Richardson