[Ach] NIST review of cryptographic standards

Thomas Schreck tom at schreck-thomas.de
Thu Nov 7 00:22:06 CET 2013


Hi Maarten,

> You are right. Today it would be difficult to add them to a default
> configuration, as the support simply is not there on the server or
> client side, but in the near future these will make good alternatives
> for things like AES-GCM.

definitely! But it takes time until everyone adopts the ciphers and we
have widespread usage of them ...

> 
> That actually brings up a more process comment- I think it pays to think
> about setting expectations with consumers of the configurations that
> these configurations needs to be considered agile, and that the
> recommended configurations will change over time and will need to be
> updated. Perhaps even test and flag what the most common break scenarios
> are between updates (e.g. error message, hanging connection, ...), so
> administrators do not just roll back completely if permitting a single
> weaker cipher would address the break scenario.

Totally agree with you. There must be a scope.

@Aaron: Your idea using a support matrix may be a good starting point.

Regarding websites which check for conformity, I really like Peter's
Jabber/XMPP test website https://xmpp.net/index.php

Thomas
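Maarten's point about flagging break scenarios before an update, and Aaron's support-matrix idea, can be combined into a small pre-flight check. The following is an added example, not code from the Ach project or from anyone in this thread; the recommended suite list and the client profiles are constructed for illustration and are not measured browser data.

```python
"""Cipher-suite support matrix for a recommended TLS configuration.

Constructed example: suite names use OpenSSL-style identifiers, but the
client profiles are invented for illustration, not measured client data.
"""
from typing import Dict, List, Optional, Tuple

# Constructed recommended server list, most preferred first.
RECOMMENDED = [
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-GCM-SHA384",
]

# Constructed client profiles: which suites each client can offer.
CLIENTS: Dict[str, List[str]] = {
    "modern-browser": ["ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-GCM-SHA384"],
    "legacy-mobile": ["AES128-SHA", "DES-CBC3-SHA"],
    "old-java-client": ["DHE-RSA-AES128-SHA", "AES128-SHA"],
    "embedded-device": ["AES256-SHA", "AES128-SHA"],
}

def negotiate(server_order: List[str], client_suites: List[str]) -> Optional[str]:
    """Mimic server-preferred selection: the first server suite the client also offers."""
    offered = set(client_suites)
    for suite in server_order:
        if suite in offered:
            return suite
    return None  # no common suite: the handshake fails

def support_matrix(server_order: List[str], clients: Dict[str, List[str]]) -> Dict[str, Optional[str]]:
    """Map each client profile to the suite it would negotiate, or None on failure."""
    return {name: negotiate(server_order, suites) for name, suites in clients.items()}

def broken_clients(server_order: List[str], clients: Dict[str, List[str]]) -> List[str]:
    """Clients that cannot complete a handshake against this server list."""
    return sorted(name for name, suite in support_matrix(server_order, clients).items() if suite is None)

def best_single_addition(server_order: List[str], clients: Dict[str, List[str]],
                         candidates: List[str]) -> Tuple[Optional[str], List[str]]:
    """Which single extra (weaker) suite, appended with lowest priority, rescues the
    most clients?  Lets an admin weigh one documented exception against a full rollback."""
    before = set(broken_clients(server_order, clients))
    best: Tuple[Optional[str], List[str]] = (None, [])
    for cand in candidates:
        after = set(broken_clients(server_order + [cand], clients))
        rescued = sorted(before - after)
        if len(rescued) > len(best[1]):
            best = (cand, rescued)
    return best
```

Re-running the matrix after every change to the recommended list turns "which clients will break" into a reviewable diff rather than a surprise in production.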

> 
> Cheers,
> Maarten
> 
> 
> On Wed, Nov 6, 2013 at 2:51 PM, Thomas Schreck <tom at schreck-thomas.de> wrote:
> 
>     Hi Maarten,
> 
>     so we cannot really recommend those ciphers, but good to see that they are
>     working on improving that.
> 
>     Thomas
> 
>     On 06/11/13 23:45, Maarten Van Horenbeeck wrote:
>     > Hi Thomas,
>     >
>     > For ChaCha20, there's basic support already in Mozilla:
>     > https://bugzilla.mozilla.org/show_bug.cgi?id=917571
>     >
>     > Adam Langley, Ben Laurie, Elie Bursztein and others are also driving
>     > development in other client libraries like NSS and OpenSSL:
>     > https://www.imperialviolet.org/2013/10/07/chacha20.html
>     >
>     > There's support for Rabbit in CyaSSL, but I don't see a lot of practical
>     > support for it emerging outside of that library.
>     >
>     > Cheers,
>     > Maarten
>     >
>     >
>     > On Wed, Nov 6, 2013 at 1:43 PM, Thomas Schreck <tom at schreck-thomas.de> wrote:
>     >
>     >>
>     >> Hi Maarten,
>     >>>
>     >>> E.g. it recommends Rabbit as a stream cipher, instead of Salsa20, which is
>     >>> pretty popular (e.g.
>     >>> http://tools.ietf.org/html/draft-josefsson-salsa20-tls-02). Both were part
>     >>> of the eSTREAM portfolio recommendation for software implementations.
>     >>
>     >> are there any implementations of those ciphers besides the reference ones?
>     >>
>     >> Thomas
>     >>
>     >>>
>     >>> Cheers,
>     >>> Maarten
>     >>>
>     >>>
>     >>> On Mon, Nov 4, 2013 at 5:57 AM, Thomas Schreck <tom at schreck-thomas.de> wrote:
>     >>>
>     >>>> BSI is also providing a list of recommended key lengths
>     >>>>
>     >>>> https://www.bsi.bund.de/DE/Publikationen/TechnischeRichtlinien/tr02102/index_htm.html
>     >>>>
>     >>>> German only ...
>     >>>>
>     >>>> On 04.11.2013 14:15, L. Aaron Kaplan wrote:
>     >>>>>
>     >>>>> On Nov 4, 2013, at 2:04 PM, Aaron Zauner <azet at azet.org> wrote:
>     >>>>>
>     >>>>>> Hi *,
>     >>>>>>
>     >>>>>> This might be of interest:
>     >>>> http://csrc.nist.gov/groups/ST/crypto-review/index.html
>     >>>>>>
>     >>>>> Thanks, I updated the section methods.tex accordingly.
>     >>>>>
>     >>>>> $ git pull
>     >>>>>
>     >>>>>
>     >>>>> a.
>     >>>>>
>     >>>>>> Aaron
>     >>>>>> _______________________________________________
>     >>>>>> Ach mailing list
>     >>>>>> Ach at lists.cert.at
>     >>>>>> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
>     >>>>>
>     >>>>> ---
>     >>>>> // L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
>     >>>>> // CERT Austria - http://www.cert.at/
>     >>>>> // An initiative of nic.at <http://nic.at> GmbH - http://www.nic.at/
>     >>>>> // Company register number 172568b, LG Salzburg
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>>
>     >>>>
>     >>>>
>     >>>>
>     >>>>
>     >>>
>     >>
>     >
> 
> 
