Re: [IPsec] updating ESP and AH requirements (was: Call for agenda items)
"Black, David" <david.black@emc.com> Fri, 26 October 2012 20:32 UTC
From: "Black, David" <david.black@emc.com>
To: "David McGrew (mcgrew)" <mcgrew@cisco.com>, Paul Hoffman <paul.hoffman@vpnc.org>
Date: Fri, 26 Oct 2012 16:32:34 -0400
Cc: IPsecme WG <ipsec@ietf.org>, "wajdi.k.feghali@intel.com" <wajdi.k.feghali@intel.com>
Paul Hoffman wrote:
> >You may be overstating that "many people" agree that it is worth doing,
> >but it is certainly worth discussing.

I'm definitely interested in that discussion, as I'm in the midst of an
update to the IPsec requirements for iSCSI.

David McGrew wrote:
> The issue is that 3DES has a 64-bit block instead of a 128-bit block;
> please see draft-irtf-cfrg-cipher-catalog-01 Section 2.2.3. (In
> retrospect, there should have been a citation in the draft.)

That suggests that an explanation of the birthday bound concern along with
a discussion of transmission rate and rekeying concerns would be appropriate
for the ESP and AH requirements draft, as opposed to a blanket "SHOULD NOT"
statement for 3DES. A 1 Gbit/sec link running encrypted at line rate can
get to the 4 Gigabyte birthday bound stated in the cfrg draft fairly quickly,
but a much slower throughput rate may take much longer before rekeying becomes
necessary, if ever (e.g., a remote access session's entire traffic may be
measured in 10s of Megabytes or less).

Aside - there may be a math error in the draft. For a block size (w) of 64
(i.e., 2^6):
- w * 2^(w/2) bits = 2^6 * 2^32 bits = 2^38 bits
- 2^38 bits is 2^35 bytes (byte contains 8=2^3 bits)
- 2^35 bytes is 2^5 gigabytes (gigabyte contains 2^30 bits).

That would be 32 gigabytes, but this aside doesn't change the above
discussion, as a 1 Gbit/sec rate will get there in a few minutes, and
a 10 Gbit/sec rate will get there in under a minute. Moreover the draft
warns (with good reason) that getting close to the birthday bound is not
a good idea.

Thanks,
--David
----------------------------------------------------
David L. Black, Distinguished Engineer
EMC Corporation, 176 South St., Hopkinton, MA 01748
+1 (508) 293-7953 FAX: +1 (508) 293-7786
david.black@emc.com Mobile: +1 (978) 394-7754
----------------------------------------------------

> -----Original Message-----
> From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of
> David McGrew (mcgrew)
> Sent: Tuesday, October 23, 2012 8:37 AM
> To: Paul Hoffman
> Cc: IPsecme WG; wajdi.k.feghali@intel.com
> Subject: Re: [IPsec] updating ESP and AH requirements (was: Call for agenda
> items)
>
> On 10/22/12 8:32 PM, "Paul Hoffman" <paul.hoffman@vpnc.org> wrote:
>
> >On Oct 22, 2012, at 4:55 PM, David McGrew (mcgrew) <mcgrew@cisco.com>
> >wrote:
> >
> >> One thing that deserves to be on the agenda is a discussion of the need to
> >> update the ESP and AH crypto requirements, which have not been updated
> >> since 2007, and to provide guidance on how to use ESP and AH to achieve
> >> security goals. I have a draft proposing what that could look like,
> >> draft-mcgrew-ipsec-me-esp-ah-reqts-00. This is off-charter, but I
> >> believe that it is something that many people would agree is worth doing.
> >
> >You may be overstating that "many people" agree that it is worth doing,
> >but it is certainly worth discussing.
> >
> >> Of course, comments on the detailed requirements are welcome as well.
> >
> >Your listing of TripleDES as "SHOULD NOT" without any cryptographic
> >justification might raise some eyebrows.
>
> The issue is that 3DES has a 64-bit block instead of a 128-bit block;
> please see draft-irtf-cfrg-cipher-catalog-01 Section 2.2.3. (In
> retrospect, there should have been a citation in the draft.)
>
> David
>
> >--Paul Hoffman
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
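The arithmetic in the message above, worked as an added example that is not part of the original message or of either draft. It goes beyond the message by also estimating the collision probability at the bound and a per-key rekey volume for a chosen probability cap; the uniform-random-block approximation and the 2^-20 cap are assumptions made here.

```python
import math

def birthday_bound_bytes(block_bits):
    """Data volume w * 2^(w/2) bits from the message's aside, in bytes."""
    return block_bits * 2 ** (block_bits // 2) // 8

def collision_probability(data_bytes, block_bits):
    """Approximate chance that two of the n blocks under one key are equal.

    Assumption: blocks behave as uniform random w-bit values, giving the
    standard birthday approximation 1 - exp(-n(n-1) / 2^(w+1)).
    """
    n = data_bytes * 8 // block_bits
    return -math.expm1(-n * (n - 1) / 2 ** (block_bits + 1))

def rekey_limit_bytes(block_bits, max_probability):
    """Largest per-key data volume keeping the collision chance below the cap."""
    blocks = math.isqrt(int(2 ** (block_bits + 1) * -math.log1p(-max_probability)))
    return blocks * block_bits // 8

def seconds_to_reach(data_bytes, rate_bits_per_sec):
    """Time for a link running at line rate to carry data_bytes."""
    return data_bytes * 8 / rate_bits_per_sec

if __name__ == "__main__":
    cap = 2 ** -20  # constructed safety margin, not a value from the thread
    for w in (64, 128):
        bound = birthday_bound_bytes(w)
        limit = rekey_limit_bytes(w, cap)
        print(f"block={w} bits: bound={bound} B, P(collision at bound)="
              f"{collision_probability(bound, w):.3f}, rekey at {limit} B")
        for rate in (1e6, 1e9, 1e10):  # 1 Mbit/s, 1 Gbit/s, 10 Gbit/s
            print(f"  {rate:.0e} bit/s: bound in {seconds_to_reach(bound, rate):.3g} s,"
                  f" rekey limit in {seconds_to_reach(limit, rate):.3g} s")
```

The resulting byte limit is the kind of value an implementation would apply as a byte-count SA lifetime for a 64-bit block cipher, which is why link rate decides how often rekeying happens.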