Re: [Uta] updated I-Ds

Watson Ladd <watsonbladd@gmail.com> Thu, 13 February 2014 19:51 UTC

In-Reply-To: <52FD1424.4080400@stpeter.im>
References: <52FD1424.4080400@stpeter.im>
Date: Thu, 13 Feb 2014 11:51:29 -0800
Message-ID: <CACsn0ckkJqx7EmNR3iwDCKw089LePHWguMmCvYpLz4dgYhUSzQ@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Peter Saint-Andre <stpeter@stpeter.im>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/uta/_sixuGKDqxi0LQdFswYLSbEQay8
Cc: "uta@ietf.org" <uta@ietf.org>
Subject: Re: [Uta] updated I-Ds

On Thu, Feb 13, 2014 at 10:51 AM, Peter Saint-Andre <stpeter@stpeter.im> wrote:
> Yaron, Ralph, and I have updated our respective documents as follows:
>
> 1. draft-sheffer-uta-tls-attacks is in essence what used to be Section 2 of
> draft-sheffer-tls-bcp
>
> 2. draft-sheffer-tls-bcp now focuses primarily on the recommendations
>
> 3. draft-saintandre-xmpp-tls now mostly points to draft-sheffer-tls-bcp
>
> Please review the document set and let us know how things can be improved!

Some notes: The first two drafts do not discuss certificate validation
or pinning, which are useful for browsers and special purpose apps.

The recommendation to employ 128-bit symmetric encryption is in
conflict with the substance of the DHE recommendation. The number
field sieve takes time L(1/3, 64/9). Currently a 530 bit prime can be
done effectively with 3 core years of sieving. This implies that a
1024 bit prime will take approximately 10.5 core years, and 2048 bits
15 core years. The linear algebra step is always cheaper than sieving
on custom hardware. Double check the arithmetic, but I think this is
right. By contrast an ECDLP solution over P256 would take 2^{128}
operations, which with a billion computers doing a trillion operations
a second would take longer than recorded human history.

Brainpool curve implementations currently are weaker than NIST curves
because of timing side channels.

Sincerely,
Watson Ladd
>
> https://datatracker.ietf.org/doc/draft-sheffer-uta-tls-attacks/
>
> https://datatracker.ietf.org/doc/draft-sheffer-tls-bcp/
>
> https://datatracker.ietf.org/doc/draft-saintandre-xmpp-tls/
>
> Peter
>
> --
> Peter Saint-Andre
> https://stpeter.im/



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin
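
The message above asks readers to double check its arithmetic. The following is an added example, not part of the original message: it extrapolates number field sieve cost from the message's baseline (530 bits, 3 core years) and computes the wall-clock time for the 2^{128}-operation case. It assumes the standard heuristic form L_p[1/3, (64/9)^{1/3}] with the o(1) term dropped, so results are order-of-magnitude only; all function names are illustrative.

```python
import math

# Standard GNFS constant c = (64/9)^(1/3), about 1.923 (assumption: the
# message's "L(1/3, 64/9)" refers to this usual form).
GNFS_C = (64 / 9) ** (1 / 3)


def gnfs_ln_cost(bits):
    """Natural log of L_p[1/3, c] for a prime of `bits` bits, o(1) dropped."""
    ln_p = bits * math.log(2)
    return GNFS_C * ln_p ** (1 / 3) * math.log(ln_p) ** (2 / 3)


def gnfs_log2_cost(bits):
    """Same cost expressed as a power of two (rough symmetric-equivalent bits)."""
    return gnfs_ln_cost(bits) / math.log(2)


def scaled_core_years(bits, base_bits=530, base_core_years=3.0):
    """Scale the message's baseline (530 bits, 3 core years) to another size."""
    ratio = math.exp(gnfs_ln_cost(bits) - gnfs_ln_cost(base_bits))
    return base_core_years * ratio


def generic_attack_years(log2_ops, machines=1e9, ops_per_sec=1e12):
    """Years to perform 2^log2_ops operations with the message's hardware
    figures: a billion computers at a trillion operations per second each."""
    seconds = 2.0 ** log2_ops / (machines * ops_per_sec)
    return seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    for bits in (530, 1024, 2048):
        print(f"{bits:5d}-bit prime: ~2^{gnfs_log2_cost(bits):.1f} work, "
              f"~{scaled_core_years(bits):.3g} core years (scaled from 530-bit)")
    print(f"2^128 operations: ~{generic_attack_years(128):.3g} years")
```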