IETF CSI - CGA and SEND Mantenance WG ()

Tony Cheneau | 20 Jul 2010 11:59

Typos in draft-ietf-csi-hash-threat-10 + little comment

Hello Ana, Suresh and Sheng,

I read your document and noted the following typos:

Section 3:
theaforementioned => the aforementioned

Section 5:
"the attacks against hash functions hash attacks" => "the attacks
against hash functions"

Also, I see that section 4 from the -09 version has been removed ("Support 
for the hash agility in SEND"). I read the IESG evaluation record and I 
fail to see why this part was removed. Could you detail this decision ? 
IMHO, this section was especially important because RFC 4982 only 
describes CGA related issues and not SEND issues.

Regards,
 	Tony

headers

Ana Kukec | 21 Jul 2010 17:55

Re: Typos in draft-ietf-csi-hash-threat-10 + little comment

Hi Tony,

Thank you for your comments.

We've deleted Section 4 due to the conclusion that the only practically 
possible attacks are the ones caused by CGAs themselves. There are 
other, theoretically possible attacks, that may be launched once in a 
future when the one-way property of hash functions will be severely 
affected. Even though we came up with few solutions and their analysis 
about providing the hash agility for SEND, we decided to  remove that 
section because our analysis showed that there are no attacks that can 
be launched now or in the near future (i.e. as long as we are dealing 
"only" with affected collision property and not one-way hash property).

Ana

Tony Cheneau wrote:
> Hello Ana, Suresh and Sheng,
>
> I read your document and noted the following typos:
>
> Section 3:
> theaforementioned => the aforementioned
>
> Section 5:
> "the attacks against hash functions hash attacks" => "the attacks
> against hash functions"
>
> Also, I see that section 4 from the -09 version has been removed 
> ("Support for the hash agility in SEND"). I read the IESG evaluation

(Continue reading)

headers

Suresh Krishnan | 28 Jul 2010 11:15

Re: Typos in draft-ietf-csi-hash-threat-10 + little comment

Hi Tony,
  Thanks for the comments. 

> -----Original Message-----
> From: Tony Cheneau [mailto:tony.cheneau@...] 
> Sent: Tuesday, July 20, 2010 12:00 PM
> To: draft-ietf-csi-hash-threat@...
> Cc: cga-ext@...
> Subject: Typos in draft-ietf-csi-hash-threat-10 + little comment
> 
> Hello Ana, Suresh and Sheng,
> 
> I read your document and noted the following typos:
> 
> Section 3:
> theaforementioned => the aforementioned
> 
> Section 5:
> "the attacks against hash functions hash attacks" => "the 
> attacks against hash functions"

Will fix these.

> 
> Also, I see that section 4 from the -09 version has been 
> removed ("Support for the hash agility in SEND"). I read the 
> IESG evaluation record and I fail to see why this part was 
> removed. Could you detail this decision ? 
> IMHO, this section was especially important because RFC 4982 
> only describes CGA related issues and not SEND issues.

(Continue reading)