From cfrg-bounces@irtf.org Thu Nov 13 06:18:02 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D67B03A67AD; Thu, 13 Nov 2008 06:18:02 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3025F3A6783 for ; Thu, 13 Nov 2008 06:18:01 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -101.141 X-Spam-Level: X-Spam-Status: No, score=-101.141 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tRUR8lnLwowq for ; Thu, 13 Nov 2008 06:17:59 -0800 (PST) Received: from woodstock.binhost.com (woodstock.binhost.com [8.8.40.152]) by core3.amsl.com (Postfix) with SMTP id 9B0D83A67AD for ; Thu, 13 Nov 2008 06:17:59 -0800 (PST) Received: (qmail 11767 invoked by uid 0); 13 Nov 2008 14:17:56 -0000 Received: from unknown (HELO THINKPADR52.vigilsec.com) (96.255.143.189) by woodstock.binhost.com with SMTP; 13 Nov 2008 14:17:56 -0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Thu, 13 Nov 2008 09:17:54 -0500 To: cfrg@irtf.org From: Sara Caswell (by way of Russ Housley ) Mime-Version: 1.0 Message-Id: <20081113141759.9B0D83A67AD@core3.amsl.com> Subject: [Cfrg] Comment Period for FIPS 186-3: Digital Signature Standard X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0024578012==" Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org --===============0024578012== Content-Type: text/html; charset="us-ascii" As stated in the Federal Register of November 12, 2008, NIST requests final comments on FIPS 186-3, the proposed revision of FIPS 186-2, the Digital Signature Standard. The draft defines methods for digital signature generation that can be used for the protection of messages, and for the verification and validation of those digital signatures using DSA, RSA and ECDSA.

Please submit comments to ebarker@nist.gov with "Comments on Draft 186-3" in the subject line. The comment period closes on December 12, 2008. --===============0024578012== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg --===============0024578012==-- From cfrg-bounces@irtf.org Thu Nov 13 08:27:58 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6F99628C19B; Thu, 13 Nov 2008 08:27:58 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 51F1628C19B for ; Thu, 13 Nov 2008 08:27:57 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iW0BWDQ75zIJ for ; Thu, 13 Nov 2008 08:27:56 -0800 (PST) Received: from balder-227.proper.com (properopus-pt.tunnel.tserv3.fmt2.ipv6.he.net [IPv6:2001:470:1f04:392::2]) by core3.amsl.com (Postfix) with ESMTP id AC37E28C198 for ; Thu, 13 Nov 2008 08:27:55 -0800 (PST) Received: from [10.20.30.152] (dsl-63-249-108-169.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id mADGRqMa009483 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 13 Nov 2008 09:27:53 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: Date: Thu, 13 Nov 2008 08:27:48 -0800 To: cfrg@irtf.org From: Paul Hoffman Subject: [Cfrg] Fwd: NIST Released 3 Security Publications X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org Following Sara's note, two other drafts that are of direct interest to CFRG have also just gone into their review cycles. --Paul Hoffman >Date: Thu, 13 Nov 2008 09:16:18 -0500 (EST) >Reply-To: poreilly@email.nist.gov >Originator: compsecpubs@nist.gov >Sender: compsecpubs@nist.gov >From: "Patrick O'Reilly" >To: Multiple recipients of list >Subject: NIST Released 3 Security Publications >X-To: compsecpubs@nist.gov >X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 >X-NIST-MailScanner: Found to be clean >X-NIST-MailScanner-From: compsecpubs@nist.gov > > >NIST is proud to announce the release of 3 documents - >1. Draft FIPS Publication 186-3 >2. Draft Special Publication (SP) 800-102 >3. Special Publication 800-108 >See below for full details on these 3 documents. > > >Document #1 - Draft FIPS 186-3 >As stated in November 12th Federal Register Notice, NIST requests final comments on FIPS 186-3, the proposed revision of FIPS 186-2, the Digital Signature Standard. The draft defines methods for digital signature generation that can be used for the protection of messages, and for the verification and validation of those digital signatures using DSA, RSA and ECDSA. Please submit comments to ebarker@nist.gov with "Comments on Draft 186-3" in the subject line. The comment period closes on Friday, December 12, 2008. > >URL to Federal Register Notice: >http://csrc.nist.gov/fedreg/FRN_Nov12-2008_Vol73No219_FIPS186-3.pdf > >URL to Draft FIPS 186-3: >http://csrc.nist.gov/publications/PubsDrafts.html#FIPS-186--3 > > >Document #2 - Draft Special Publication (SP) 800-102 >NIST requests comments on Draft SP 800-102, Recommendation for Digital Signature Timeliness. This Recommendation provides methods for obtaining assurance about the time that a message was signed. The concepts in this Recommendation were presented in the original public comment draft of FIPS 186,3, The Digital Signature Standard. Please provide comments to ebarker@nist.gov by December 19, 2008, with "Comments on SP 800-102" in the subject line. > >URL to Draft SP 800-102: >http://csrc.nist.gov/publications/PubsDrafts.html#800-102 > > >Document #3 - SP 800-108 >The National Institute of Standards and Technology (NIST) is pleased to announce the release of Special Publication 800-108. Recommendation for Key Derivation Using Pseudorandom Functions. This Recommendation specifies techniques for the derivation of additional keying material from a secret cryptographic key using pseudorandom functions. This key can be either established through a key establishment scheme or shared through some other manner. > >URL to SP 800-108 >http://csrc.nist.gov/publications/PubsSPs.html#800-108 > > >--------------------- >To unsubscribe from this list send e-mail to listproc@nist.gov and type in the body of the e-mail message: > unsubscribe compsecpubs > >Reminder: You need to make sure that you are unsubscribing from the original e-mail address that you subscribed to this list from. If not, you will receive an error message. If that is the case, send patrick.oreilly@nist.gov an e-mail and I will have to manually delete your email address from the listproc system. To save time - please provide me with your old email address that you subscribed to the list. Thanks. > >Pat O'Reilly >List Administrator >Computer Security Division >NIST _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From cfrg-bounces@irtf.org Wed Nov 19 16:05:44 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 88AF43A6BCD; Wed, 19 Nov 2008 16:05:44 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 558173A6B94 for ; Wed, 19 Nov 2008 16:05:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 29rqKpwWSVnB for ; Wed, 19 Nov 2008 16:05:42 -0800 (PST) Received: from vms173001pub.verizon.net (vms173001pub.verizon.net [206.46.173.1]) by core3.amsl.com (Postfix) with ESMTP id 879DA3A696F for ; Wed, 19 Nov 2008 16:05:42 -0800 (PST) Received: from [130.129.31.126] by vms173001.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with ESMTPA id <0KAL00FP6UX6JXTL@vms173001.mailsrvcs.net> for cfrg@ietf.org; Wed, 19 Nov 2008 18:05:30 -0600 (CST) Date: Wed, 19 Nov 2008 18:06:38 -0600 From: Tim Polk To: cfrg@ietf.org Message-id: MIME-version: 1.0 (Apple Message framework v753.1) X-Mailer: Apple Mail (2.753.1) Subject: [Cfrg] Requesting guidance on key sizes for 3850bis and 3851bis X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes" Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org Folks, I requested IETF Last Call for two documents from the S/MIME working group at the end of October. In the Last Call messages, I asked for community input on two issues regarding cryptographic key sizes. The two week Last Call resulted in exactly one response, so I am requesting further guidance from the cfrg. Here is the relevant excerpt from the Last Call for 'Secure/ Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Certificate Handling', > In particular, the IESG solicits comments on the cryptographic > strength > requirements specified in section 4.3, Certificate and CRL Signing > Algorithm and Key Sizes, and the following statement from Section 6, > Security Considerations: > > "Today, 512-bit RSA, DSA and DH keys are considered by many experts > to be cryptographically insecure." > > These sections require S/MIME recieving agents to support RSA key > lengths > between 512 and 1024 bits, and permit support for DSA key lengths > between > 512 and 1024 bits. Given that other organizations are moving > to a minimum key length of 2048 bits, the IESG wishes to verify IETF > consensus for the cryptographic minimums in this document. > The relevant excerpt from the Last Call for 'Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification', > > In particular, the IESG solicits comments on the cryptographic > strength > requirements specified in section 4.1 through 4.5, and the following > statement from Section 6, Security Considerations: > > "Today, 512-bit RSA, DSA and DH keys are considered by many experts > to be cryptographically insecure." > > These sections allow the continued use of RSA, DSA, and DH key lengths > between 512 and 1024 bits. Given that other organizations are moving > to a minimum key length of 2048 bits, the IESG wishes to verify IETF > consensus for the cryptographic minimums in this document. > Given the lack of response from the wider community, I would greatly appreciate any input the CFRG can provide. I am currently planning to place these documents on the December 18, 2008 IESG telechat. Thanks, Tim Polk _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From cfrg-bounces@irtf.org Wed Nov 19 16:43:15 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E59F63A6B8B; Wed, 19 Nov 2008 16:43:15 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4BF9C3A6B8B; Wed, 19 Nov 2008 16:43:14 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g071Qhz402vD; Wed, 19 Nov 2008 16:43:13 -0800 (PST) Received: from vms173003pub.verizon.net (vms173003pub.verizon.net [206.46.173.3]) by core3.amsl.com (Postfix) with ESMTP id 887963A6782; Wed, 19 Nov 2008 16:43:13 -0800 (PST) Received: from [130.129.31.126] by vms173003.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with ESMTPA id <0KAL00I12WNUEWA9@vms173003.mailsrvcs.net>; Wed, 19 Nov 2008 18:43:07 -0600 (CST) Date: Wed, 19 Nov 2008 18:44:14 -0600 From: Tim Polk To: saag@ietf.org, cfrg@ietf.org Message-id: <3E7B31BE-920D-4C79-9FF4-BCB07309AF43@nist.gov> MIME-version: 1.0 (Apple Message framework v753.1) X-Mailer: Apple Mail (2.753.1) Subject: [Cfrg] NIST requests public comments on revision of FIPS 186-3 (DSS) X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes" Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org Folks, I though that SAAG and CFRG members might be interested in the following announcement: > As stated in the November 12, 2008 Federal Register Notice, NIST > requests final comments on draft FIPS 186-3, the proposed revision > of FIPS 186-2, the Digital Signature Standard. The draft defines > methods for digital signature generation that can be used for the > protection of messages, and for the verification and validation of > those digital signatures using DSA, RSA and ECDSA. Please submit > comments to ebarker@nist.gov with "Comments on Draft 186-3" in the > subject line. The comment period closes on December 19, 2008. > Most significantly, this document (if approved) will provide a standard reference for the Digital Signature Algorithm (DSA) with larger key sizes. FIPS 186-2 limited DSA keys to 1024 bits. The Federal Register Notice is available at http://csrc.nist.gov/fedreg/ FRN_Nov12-2008_Vol73No219_FIPS186-3.pdf and the draft FIPS is available at http://csrc.nist.gov/publications/drafts/fips_186-3/ Draft_FIPS-186-3%20_November2008.pdf Any comments would be appreciated. Note the deadline of December 19, 2008. NIST hopes to resolve all public comments expeditiously, so this should be considered a hard deadline. Thanks, Tim Polk _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From cfrg-bounces@irtf.org Wed Nov 19 16:55:00 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 60C1D3A6BD4; Wed, 19 Nov 2008 16:55:00 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8F99A3A6BD4; Wed, 19 Nov 2008 16:54:59 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0hUovL9RQuso; Wed, 19 Nov 2008 16:54:58 -0800 (PST) Received: from vms042pub.verizon.net (vms042pub.verizon.net [206.46.252.42]) by core3.amsl.com (Postfix) with ESMTP id D42EF3A6AD1; Wed, 19 Nov 2008 16:54:58 -0800 (PST) Received: from [130.129.31.126] by vms042.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with ESMTPA id <0KAL00L2FX78SDN6@vms042.mailsrvcs.net>; Wed, 19 Nov 2008 18:54:45 -0600 (CST) Date: Wed, 19 Nov 2008 18:55:52 -0600 From: Tim Polk In-reply-to: <3E7B31BE-920D-4C79-9FF4-BCB07309AF43@nist.gov> To: saag@ietf.org, cfrg@ietf.org Message-id: <4EA8DEF3-DC7F-40FF-B7ED-AFBD22543316@nist.gov> MIME-version: 1.0 (Apple Message framework v753.1) X-Mailer: Apple Mail (2.753.1) References: <3E7B31BE-920D-4C79-9FF4-BCB07309AF43@nist.gov> Subject: [Cfrg] Correction Re: NIST requests public comments on revision of FIPS 186-3 (DSS) X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes" Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org Folks, I just realized the website I was quoting from was *wrong*. The deadline for comments specified in the Federal Register Notice is December 12, 2008 rather than the 19th. That is the normative reference, and it is still a hard deadline. I have emailed the NIST webmaster to get things fixed ASAP. My apologies for any confusion. My apologies. Thanks, Tim Polk On Nov 19, 2008, at 6:44 PM, Tim Polk wrote: > Folks, > > I though that SAAG and CFRG members might be interested in the > following announcement: > >> As stated in the November 12, 2008 Federal Register Notice, NIST >> requests final comments on draft FIPS 186-3, the proposed revision >> of FIPS 186-2, the Digital Signature Standard. The draft defines >> methods for digital signature generation that can be used for the >> protection of messages, and for the verification and validation of >> those digital signatures using DSA, RSA and ECDSA. Please submit >> comments to ebarker@nist.gov with "Comments on Draft 186-3" in the >> subject line. The comment period closes on December 19, 2008. >> > > Most significantly, this document (if approved) will provide a > standard reference for the Digital Signature Algorithm (DSA) with > larger key sizes. FIPS 186-2 limited DSA keys to 1024 bits. > > The Federal Register Notice is available at > > http://csrc.nist.gov/fedreg/ > FRN_Nov12-2008_Vol73No219_FIPS186-3.pdf > > and the draft FIPS is available at > > http://csrc.nist.gov/publications/drafts/fips_186-3/ > Draft_FIPS-186-3%20_November2008.pdf > > Any comments would be appreciated. Note the deadline of December > 19, 2008. NIST hopes to resolve all public comments expeditiously, > so this should be considered a hard deadline. > > Thanks, > > Tim Polk > > > > > _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From cfrg-bounces@irtf.org Wed Nov 19 20:23:22 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A967B3A686B; Wed, 19 Nov 2008 20:23:22 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CA9773A686B for ; Wed, 19 Nov 2008 20:23:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.599 X-Spam-Level: X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ydTH3G-4Ld92 for ; Wed, 19 Nov 2008 20:23:19 -0800 (PST) Received: from mailhost.auckland.ac.nz (curly.its.auckland.ac.nz [130.216.12.33]) by core3.amsl.com (Postfix) with ESMTP id 2CB073A681C for ; Wed, 19 Nov 2008 20:23:17 -0800 (PST) Received: from localhost (localhost.localdomain [127.0.0.1]) by mailhost.auckland.ac.nz (Postfix) with ESMTP id 0A0E39D370; Thu, 20 Nov 2008 17:23:13 +1300 (NZDT) X-Virus-Scanned: by amavisd-new at mailhost.auckland.ac.nz Received: from mailhost.auckland.ac.nz ([127.0.0.1]) by localhost (curly.its.auckland.ac.nz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UQ4gCD7-xg2c; Thu, 20 Nov 2008 17:23:12 +1300 (NZDT) Received: from iris.cs.auckland.ac.nz (iris.cs.auckland.ac.nz [130.216.33.152]) by mailhost.auckland.ac.nz (Postfix) with ESMTP id 7DAE49D238; Thu, 20 Nov 2008 17:23:07 +1300 (NZDT) Received: from wintermute01.cs.auckland.ac.nz (wintermute01.cs.auckland.ac.nz [130.216.34.38]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by iris.cs.auckland.ac.nz (Postfix) with ESMTP id 13DA61A04001; Thu, 20 Nov 2008 17:23:07 +1300 (NZDT) Received: from pgut001 by wintermute01.cs.auckland.ac.nz with local (Exim 4.63) (envelope-from ) id 1L314M-0002iT-UD; Thu, 20 Nov 2008 17:23:06 +1300 From: pgut001@cs.auckland.ac.nz (Peter Gutmann) To: cfrg@ietf.org, tim.polk@nist.gov In-Reply-To: Message-Id: Date: Thu, 20 Nov 2008 17:23:06 +1300 Subject: Re: [Cfrg] Requesting guidance on key sizes for 3850bis and 3851bis X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org Tim Polk writes: >Given the lack of response from the wider community, I would greatly >appreciate any input the CFRG can provide. I would strongly support finally deprecating keys < 1024 bits, for two reasons. Firstly, anyone using these is going to get dinged by security auditors if they see 512-bit keys used, and it'll cause problems with things like FIPS 140 certifications as well [0], which means that it's going to bite people at some point regardless of whether the specs (appear to) allow it. Secondly, it would finally provide a means of ending the pointless arguments over "we can keep on using 512-bit keys in perpetuity because there's nothing in the spec that says we can't" that vendors tend to use when customers ask why their product doesn't support certain security features. (Just out of interest, who is actually being helped by a spec that still allows 512-bit keys in 2009 and beyond?). Peter. [0] That's a generalisation, in practice it's the usual crapshoot, some labs will allow < 1024-bit keys and some won't. For my own code I've had one lab pass 512-bit keys OK and another one say that any ability to use keys of less than 1024 bits would mean it couldn't be evaluated. In another, more amusing case reported to me by someone else, they got one lab to OK it at 512 bits, then a second lab required them to submit paperwork showing that they blocked all keys of less than 1024 bits, and after they did that the first lab complained that they were failing their tests on 512-bit keys. In the end they just declared that their product didn't support any keys less than 1024 bits and everything was OK. _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From cfrg-bounces@irtf.org Thu Nov 20 06:08:55 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0C1513A6A21; Thu, 20 Nov 2008 06:08:55 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EFE353A6B94; Thu, 20 Nov 2008 06:08:53 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PT1Dz4669Lys; Thu, 20 Nov 2008 06:08:53 -0800 (PST) Received: from balder-227.proper.com (properopus-pt.tunnel.tserv3.fmt2.ipv6.he.net [IPv6:2001:470:1f04:392::2]) by core3.amsl.com (Postfix) with ESMTP id F242F3A680A; Thu, 20 Nov 2008 06:08:52 -0800 (PST) Received: from [130.129.94.237] ([130.129.78.184]) (authenticated bits=0) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id mAKE8gFj012209 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 20 Nov 2008 07:08:46 -0700 (MST) (envelope-from paul.hoffman@vpnc.org) Mime-Version: 1.0 Message-Id: In-Reply-To: <3E7B31BE-920D-4C79-9FF4-BCB07309AF43@nist.gov> References: <3E7B31BE-920D-4C79-9FF4-BCB07309AF43@nist.gov> Date: Thu, 20 Nov 2008 08:08:41 -0600 To: Tim Polk , saag@ietf.org, cfrg@ietf.org From: Paul Hoffman Subject: Re: [Cfrg] [saag] NIST requests public comments on revision of FIPS 186-3 (DSS) X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org At 6:44 PM -0600 11/19/08, Tim Polk wrote: >Most significantly, this document (if approved) will provide a standard reference for the Digital Signature Algorithm (DSA) with larger key sizes. FIPS 186-2 limited DSA keys to 1024 bits. Some might disagree with "most significantly". In addition to what you said, Draft FIPS 186-3 also has added two new formats for RSA signatures. Those should probably be reviewed more heavily in our community than the obvious change above. --Paul Hoffman, Director --VPN Consortium _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From cfrg-bounces@irtf.org Thu Nov 20 12:13:22 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0DE933A6992; Thu, 20 Nov 2008 12:13:22 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C980F3A6992 for ; Thu, 20 Nov 2008 12:13:20 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.599 X-Spam-Level: X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wnGWTA3Q8SJs for ; Thu, 20 Nov 2008 12:13:20 -0800 (PST) Received: from merrymeet.com (merrymeet.com [66.93.68.160]) by core3.amsl.com (Postfix) with ESMTP id E21653A6986 for ; Thu, 20 Nov 2008 12:13:19 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by merrymeet.com (Postfix) with ESMTP id 0C1BA2E1DA for ; Thu, 20 Nov 2008 12:17:30 -0800 (PST) Received: from merrymeet.com ([127.0.0.1]) by localhost (host.domain.tld [127.0.0.1]) (amavisd-maia, port 10024) with ESMTP id 54314-03 for ; Thu, 20 Nov 2008 12:17:27 -0800 (PST) Received: from keys.merrymeet.com (keys.merrymeet.com [66.93.68.161]) (Authenticated sender: jon) by merrymeet.com (Postfix) with ESMTPA id 52BB32E098 for ; Thu, 20 Nov 2008 12:17:27 -0800 (PST) Received: from [192.168.2.186] ([64.1.215.244]) by keys.merrymeet.com (PGP Universal service); Thu, 20 Nov 2008 11:14:15 -0800 X-PGP-Universal: processed; by keys.merrymeet.com on Thu, 20 Nov 2008 11:14:15 -0800 Message-Id: <670355FE-B018-40C5-B4BB-7892D6EDD3E0@callas.org> From: Jon Callas To: Tim Polk In-Reply-To: Mime-Version: 1.0 (Apple Message framework v929.2) Date: Thu, 20 Nov 2008 12:13:13 -0800 References: X-Mailer: Apple Mail (2.929.2) X-PGP-Encoding-Format: Partitioned X-PGP-Encoding-Version: 2.0.2 X-Content-PGP-Universal-Saved-Content-Transfer-Encoding: 7bit X-Content-PGP-Universal-Saved-Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes X-Virus-Scanned: Maia Mailguard Cc: cfrg@ietf.org Subject: Re: [Cfrg] Requesting guidance on key sizes for 3850bis and 3851bis X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > > The relevant excerpt from the Last Call for 'Secure/Multipurpose > Internet Mail Extensions (S/MIME) Version 3.2 Message > Specification', > >> >> In particular, the IESG solicits comments on the cryptographic >> strength >> requirements specified in section 4.1 through 4.5, and the following >> statement from Section 6, Security Considerations: >> >> "Today, 512-bit RSA, DSA and DH keys are considered by many experts >> to be cryptographically insecure." This is definitely a true statement. The agreed-upon equivalencies for crypto-balance says that a 512-bit public key corresponds to 56-bit symmetric crypto. Many experts think that 56-bit crypto is cryptographically insecure. This is a "many" in the same sense that "many" doctors think that smoking is bad for you. >> >> >> These sections allow the continued use of RSA, DSA, and DH key >> lengths >> between 512 and 1024 bits. Given that other organizations are moving >> to a minimum key length of 2048 bits, the IESG wishes to verify IETF >> consensus for the cryptographic minimums in this document. >> I think anyone who is using a key less than 1024 bits is just plain daft. Even people using 1024 bit keys need to look deep within their soul and ask themselves when they're going to upgrade. (I'm one of those people -- I have a 1024-bit DSA key -- and the answer is, "Soon and will you stop nagging me?") Anyone who is creating new keys should be making them larger than 1024. A 1024-bit public key corresponds to 80-bit security, which NIST says ought to be phased out in 2010. This is why I'm being squishy -- an important use-before date on 1024-bit keys isn't here, but it's close enough that new projects will cause themselves problems by using 1024-bit keys. Better to just go to 2048 now. Jon -----BEGIN PGP SIGNATURE----- Version: PGP Universal 2.6.3 Charset: US-ASCII wj8DBQFJJbcHsTedWZOD3gYRAms7AKCsFET9lXBqZMbsMhhw0zQ2ef57dACfZJt/ 0jLuU7fOoExL4uwVebqfLtM= =IWf9 -----END PGP SIGNATURE----- _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From cfrg-bounces@irtf.org Thu Nov 20 13:17:30 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0AE453A6A77; Thu, 20 Nov 2008 13:17:30 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 402363A68C5; Thu, 20 Nov 2008 13:17:29 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.979 X-Spam-Level: X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[AWL=-0.620, BAYES_00=-2.599, SARE_LWSHORTT=1.24] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8SHUdM6qz2Rz; Thu, 20 Nov 2008 13:17:28 -0800 (PST) Received: from vms173005pub.verizon.net (vms173005pub.verizon.net [206.46.173.5]) by core3.amsl.com (Postfix) with ESMTP id 9F36A28C269; Thu, 20 Nov 2008 13:17:27 -0800 (PST) Received: from [130.129.31.126] by vms173005.mailsrvcs.net (Sun Java System Messaging Server 6.2-6.01 (built Apr 3 2006)) with ESMTPA id <0KAN00AD7HSRLZ12@vms173005.mailsrvcs.net>; Thu, 20 Nov 2008 15:17:15 -0600 (CST) Date: Thu, 20 Nov 2008 15:17:13 -0600 From: Tim Polk In-reply-to: To: Paul Hoffman Message-id: MIME-version: 1.0 (Apple Message framework v753.1) X-Mailer: Apple Mail (2.753.1) References: <3E7B31BE-920D-4C79-9FF4-BCB07309AF43@nist.gov> Cc: cfrg@ietf.org, saag@ietf.org Subject: Re: [Cfrg] [saag] NIST requests public comments on revision of FIPS 186-3 (DSS) X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes" Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org Paul, Thanks for the reminder. I was thinking of 2048 bit DSA as particularly significant since it is blocking progression of some security area documents. Thinking short term, I'm afraid. Thanks, Tim On Nov 20, 2008, at 8:08 AM, Paul Hoffman wrote: > At 6:44 PM -0600 11/19/08, Tim Polk wrote: >> Most significantly, this document (if approved) will provide a >> standard reference for the Digital Signature Algorithm (DSA) with >> larger key sizes. FIPS 186-2 limited DSA keys to 1024 bits. > > Some might disagree with "most significantly". In addition to what > you said, Draft FIPS 186-3 also has added two new formats for RSA > signatures. Those should probably be reviewed more heavily in our > community than the obvious change above. > > --Paul Hoffman, Director > --VPN Consortium _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From cfrg-bounces@irtf.org Thu Nov 20 13:34:11 2008 Return-Path: X-Original-To: cfrg-archive@megatron.ietf.org Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0534B28C10C; Thu, 20 Nov 2008 13:34:11 -0800 (PST) X-Original-To: cfrg@core3.amsl.com Delivered-To: cfrg@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 66DB428C10C for ; Thu, 20 Nov 2008 13:34:09 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.599 X-Spam-Level: X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HI5YM4fxwTCF for ; Thu, 20 Nov 2008 13:34:08 -0800 (PST) Received: from machshav.com (machshav.com [198.180.150.44]) by core3.amsl.com (Postfix) with ESMTP id 9DEAA3A6906 for ; Thu, 20 Nov 2008 13:34:08 -0800 (PST) Received: by machshav.com (Postfix, from userid 512) id C833CAF678; Thu, 20 Nov 2008 21:34:06 +0000 (GMT) Received: from yellowstone.machshav.com (localhost [127.0.0.1]) by machshav.com (Postfix) with ESMTP id 6D96EAF639; Thu, 20 Nov 2008 21:34:06 +0000 (GMT) Received: from cs.columbia.edu (localhost [127.0.0.1]) by yellowstone.machshav.com (Postfix) with ESMTP id 92DCB8386A5; Thu, 20 Nov 2008 16:33:47 -0500 (EST) Date: Thu, 20 Nov 2008 16:33:47 -0500 From: "Steven M. Bellovin" To: Jon Callas Message-ID: <20081120163347.772513dd@cs.columbia.edu> In-Reply-To: <670355FE-B018-40C5-B4BB-7892D6EDD3E0@callas.org> References: <670355FE-B018-40C5-B4BB-7892D6EDD3E0@callas.org> Organization: Columbia University X-Mailer: Claws Mail 3.6.1 (GTK+ 2.14.3; x86_64--netbsd) Mime-Version: 1.0 Cc: Tim Polk , cfrg@ietf.org Subject: Re: [Cfrg] Requesting guidance on key sizes for 3850bis and 3851bis X-BeenThere: cfrg@irtf.org X-Mailman-Version: 2.1.9 Precedence: list List-Id: Crypto Forum Research Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: cfrg-bounces@irtf.org Errors-To: cfrg-bounces@irtf.org On Thu, 20 Nov 2008 12:13:13 -0800 Jon Callas wrote: > Anyone who is creating new keys should be making them larger than > 1024. A 1024-bit public key corresponds to 80-bit security, which > NIST says ought to be phased out in 2010. This is why I'm being > squishy -- an important use-before date on 1024-bit keys isn't here, > but it's close enough that new projects will cause themselves > problems by using 1024-bit keys. Better to just go to 2048 now. Strong agreement. --Steve Bellovin, http://www.cs.columbia.edu/~smb _______________________________________________ Cfrg mailing list Cfrg@irtf.org https://www.irtf.org/mailman/listinfo/cfrg From anthonywaltonje@google.com Thu Nov 27 15:58:12 2008 Return-Path: X-Original-To: ietfarch-cfrg-archive@core3.amsl.com Delivered-To: ietfarch-cfrg-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DC0413A6B96; Thu, 27 Nov 2008 15:58:12 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -31.486 X-Spam-Level: X-Spam-Status: No, score=-31.486 tagged_above=-999 required=5 tests=[BAYES_99=3.5, DRUGS_ERECTILE=1, HELO_MISMATCH_COM=0.553, IMPOTENCE=1.886, MANGLED_DOSE=2.3, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, URIBL_BLACK=20, URIBL_JP_SURBL=10, URIBL_SBL=20, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zhUnbyt-SUTG; Thu, 27 Nov 2008 15:58:12 -0800 (PST) Received: from kyokodate.com (e177246214.adsl.alicedsl.de [85.177.246.214]) by core3.amsl.com (Postfix) with ESMTP id A795F3A6B22; Thu, 27 Nov 2008 15:58:11 -0800 (PST) Date: Thu, 27 Nov 2008 23:26:22 +0000 Message-ID: <1227828382.4546@google.com> From: "Anthony Walton" MIME-Version: 1.0 Subject: /iagr@ at $1.59 per d0$e 7eo0lt To: avt-archive@ietf.org, avt-owner@ietf.org, behave@ietf.org, bridge-mib@ietf.org, cfrg-archive@ietf.org, cfrg-web-archive@ietf.org X-Sender: Content-Type: text/plain; charset="iso-8859-2" Content-Transfer-Encoding: 8bit Dear avt-archive@ietf.org customer Sex can be one of the most enjoyable parts of your life. It strengthens relationships and adds excitement. Always be ready. http://familymedweb.com.es If you have a problem getting or keeping an erection, you are not alone. In fact, more than half of all men over forty have difficulties getting or maintaining an erection. This condition, called erectile dysfunction (ED), occurs with younger and older men as well, but there's a safe, effective and easy method of treatment: Viagra. When the time is right, you'll always be ready. * Learn more about Viagra * Order Viagra http://familymedweb.com.es ----------------------------------------