From nobody Mon Aug 5 11:27:08 2019 Return-Path: X-Original-To: hipsec@ietfa.amsl.com Delivered-To: hipsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E12A12004A for ; Mon, 5 Aug 2019 11:27:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.5 X-Spam-Level: X-Spam-Status: No, score=-0.5 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r-QFI_QpeUYj for ; Mon, 5 Aug 2019 11:27:06 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B76112003E for ; Mon, 5 Aug 2019 11:27:06 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 70206615EB for ; Mon, 5 Aug 2019 14:27:03 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id FdxjxqA2QDiu for ; Mon, 5 Aug 2019 14:26:56 -0400 (EDT) Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id F11E1615E6 for ; Mon, 5 Aug 2019 14:26:53 -0400 (EDT) To: HIP From: Robert Moskowitz Message-ID: <28534149-a6fb-1282-72a7-702a611f7fae@htt-consult.com> Date: Mon, 5 Aug 2019 14:26:45 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Archived-At: Subject: [Hipsec] Would HIP benefit by having a PAKE? X-BeenThere: hipsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "This is the official IETF Mailing List for the HIP Working Group." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Aug 2019 18:27:08 -0000 As part of developing the "Trustworthy Multipurpose Remote ID", I am going to add new crypto algorithms along the lines that I have in draft-moskowitz-small-crypto. The "open' question is that of a PAKE.  Would HIP benefit with a PAKE.  I really don't see it, but since I am opening up the crypto closet, I felt I had to consider the work on PAKE that CFRG has been doing the past few years. Keywrap as I have put into HIP DEX is a separate issue, which I do not believe (I could be wrong) PAKE would help with. I am interested in other's thoughts wrt to PAKE and HIP. thanks From nobody Wed Aug 14 06:00:34 2019 Return-Path: X-Original-To: hipsec@ietfa.amsl.com Delivered-To: hipsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 934DA12081E for ; Wed, 14 Aug 2019 06:00:32 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DtvSjJj7mZY4 for ; Wed, 14 Aug 2019 06:00:30 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9EED712081D for ; Wed, 14 Aug 2019 06:00:30 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 05839615E6 for ; Wed, 14 Aug 2019 09:00:29 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id qB-TlmGp2PSy for ; Wed, 14 Aug 2019 09:00:22 -0400 (EDT) Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id F133460964 for ; Wed, 14 Aug 2019 09:00:19 -0400 (EDT) To: HIP From: Robert Moskowitz Message-ID: <58cfb098-e007-ae40-7c1a-69cd49f90271@htt-consult.com> Date: Wed, 14 Aug 2019 09:00:10 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="------------BFD13B20CD8FA287FF6E8F9A" Content-Language: en-US Archived-At: Subject: [Hipsec] Making some sample Hierarchical HITs X-BeenThere: hipsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "This is the official IETF Mailing List for the HIP Working Group." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Aug 2019 13:00:33 -0000 This is a multi-part message in MIME format. --------------BFD13B20CD8FA287FF6E8F9A Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit This is connected to the Trustworthy Multipurpose Remote IDs (tm-rid@ietf.org) Right now I am working on what a eddsa pki would be that would back up the proposed HHITs and various repositories.  For this I want to generate some testing HHITs. These HHITs will be used in x.509 certs as in rfc 8002, but also as subjectName in the signing cert.  This causes some challenges as to how to present an IPv6 value in subjectName (this is a separate question from this missive). I will use openssl from my draft-moskowitz-eddsa-pki and HHIT format from draft-moskowitz-hierarchical-hip (sec 4). Note about current HHIT draft and sec 4.  When I did this, I was using ecdsa.  The revised version of this draft (soon to be published) uses eddsa and I am a bit unsure as to what hash I will recommend.  But for this stage, use ed25519/sha256. I make the ed25519 keypair with:    openssl genpkey -aes256 -algorithm ed25519 -outform pem -out entity.key.pem Note the keypair is encrypted; it contains the private key.  This can be viewed with:    openssl pkey -inform pem -in entity.key.pem -text -noout The public key can be extracted in DER format with:    openssl pkey -in entity.key.pem -out entity.pub.der -outform DER -pubout For the HHIT: HIT SUITE ID = 4 RAA = 10 HDA = 20 It would be great to have this as a python or perl script.  That way I may learn something along the way. Inputs are: key file name key password HIT Suite ID RRA HDA Output should be: the HHIT in 128bit binary to some file the HHIT in ipv6 : display format Thanks on any help. Bob --------------BFD13B20CD8FA287FF6E8F9A Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit
This is connected to the Trustworthy Multipurpose Remote IDs (tm-rid@ietf.org)

Right now I am working on what a eddsa pki would be that would back up the proposed HHITs and various repositories.  For this I want to generate some testing HHITs.

These HHITs will be used in x.509 certs as in rfc 8002, but also as subjectName in the signing cert.  This causes some challenges as to how to present an IPv6 value in subjectName (this is a separate question from this missive).

I will use openssl from my draft-moskowitz-eddsa-pki and HHIT format from draft-moskowitz-hierarchical-hip (sec 4).

Note about current HHIT draft and sec 4.  When I did this, I was using ecdsa.  The revised version of this draft (soon to be published) uses eddsa and I am a bit unsure as to what hash I will recommend.  But for this stage, use ed25519/sha256.


I make the ed25519 keypair with:

   openssl genpkey -aes256 -algorithm ed25519 -outform pem -out entity.key.pem

Note the keypair is encrypted; it contains the private key.  This can be viewed with:

   openssl pkey -inform pem -in entity.key.pem -text -noout

The public key can be extracted in DER format with:

   openssl pkey -in entity.key.pem -out entity.pub.der -outform DER -pubout

For the HHIT:

HIT SUITE ID = 4
RAA = 10
HDA = 20

It would be great to have this as a python or perl script.  That way I may learn something along the way.

Inputs are:

key file name
key password
HIT Suite ID
RRA
HDA

Output should be:

the HHIT in 128bit binary to some file
the HHIT in ipv6 : display format

Thanks on any help.

Bob


--------------BFD13B20CD8FA287FF6E8F9A-- From nobody Wed Aug 21 13:46:36 2019 Return-Path: X-Original-To: hipsec@ietfa.amsl.com Delivered-To: hipsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3EF71200B1 for ; Wed, 21 Aug 2019 13:46:34 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.5 X-Spam-Level: X-Spam-Status: No, score=-0.5 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K9eAszb9pf_A for ; Wed, 21 Aug 2019 13:46:31 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA459120091 for ; Wed, 21 Aug 2019 13:46:31 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 5906C62110 for ; Wed, 21 Aug 2019 16:46:30 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id OcZtMuGYHrKW for ; Wed, 21 Aug 2019 16:46:28 -0400 (EDT) Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 3B99760933 for ; Wed, 21 Aug 2019 16:46:26 -0400 (EDT) To: HIP From: Robert Moskowitz Message-ID: Date: Wed, 21 Aug 2019 16:46:17 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Archived-At: Subject: [Hipsec] X.509 CSR in HIP registration X-BeenThere: hipsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "This is the official IETF Mailing List for the HIP Working Group." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Aug 2019 20:46:35 -0000 I have been working on my Hierarchical HIT drafts.  I have been testing building x.509 certs with them as the SAN.  Thing is were do these certs come from? So I moved on to when the device uses HIP Registration to register the HHIT to its Registry, it could present a CSR in the payload and if successfully registered (no duplicate HIT and policy test passes), would receive the cert back. Has anyone looked at this in the past?  8002 assumes the cert was created some other way.  I am looking at the cert as a sort of proof of registration. Opinions? Bob From nobody Thu Aug 22 14:11:32 2019 Return-Path: X-Original-To: hipsec@ietfa.amsl.com Delivered-To: hipsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1219412012A for ; Thu, 22 Aug 2019 14:11:31 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.9 X-Spam-Level: X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BgtFXysxyfJC for ; Thu, 22 Aug 2019 14:11:28 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B427F1200A4 for ; Thu, 22 Aug 2019 14:11:28 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 6973A6210F for ; Thu, 22 Aug 2019 17:11:27 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 8orznCtzjgMG for ; Thu, 22 Aug 2019 17:11:25 -0400 (EDT) Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 832E460964 for ; Thu, 22 Aug 2019 17:11:23 -0400 (EDT) To: HIP From: Robert Moskowitz Message-ID: <5778180d-eee9-7979-5bae-e144ba68c5ac@htt-consult.com> Date: Thu, 22 Aug 2019 17:11:15 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Archived-At: Subject: [Hipsec] Using cSHAKE for ORCHID X-BeenThere: hipsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "This is the official IETF Mailing List for the HIP Working Group." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Aug 2019 21:11:31 -0000 I am working on a new set of crypto for HIP.  This is to take advantage of advancements and hopefully make things better in small things. I have been looking at FIPS 202 and NIST 800-185 for the new hash and MACing.  In particular SHAKE and KMAC. Right now, NIST only specifies b=1600 for the KECCAK function under these, but b=800 is also possible and for SHAKE128 and KMAC128, b=400 is also an option.  I have informally heard that NIST is working on how these smaller sponges can be used where appropriate (small things). But let's ignore the sponge size for the moment. In my reading of RFC 7343 and cSHAKE for 800-185, we could replace: encode96(sha256(Context ID|Input)) where sha256 is from the OGA ID with cSHAKE128(Input,96,"",Context ID) I invite others to look at 202 and 800-185 and see what I am talking about here. For Hierarchical HITs it changes to: cSHAKE128(Input,64,"",Context ID) Though where Input is only the 32 bytes of ed25519, I need to research this more for overall strength, but 202 seems to say that it does work well with very short inputs. Looking for other's thoughts on this. Bob From nobody Wed Aug 28 13:43:42 2019 Return-Path: X-Original-To: hipsec@ietfa.amsl.com Delivered-To: hipsec@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20AE6120089 for ; Wed, 28 Aug 2019 13:43:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.001 X-Spam-Level: X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id slYHGHeApSOj for ; Wed, 28 Aug 2019 13:43:38 -0700 (PDT) Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E57F012004C for ; Wed, 28 Aug 2019 13:43:37 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 34ED962120 for ; Wed, 28 Aug 2019 16:43:35 -0400 (EDT) X-Virus-Scanned: amavisd-new at htt-consult.com Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id GHc9AldIYAN3 for ; Wed, 28 Aug 2019 16:43:30 -0400 (EDT) Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 185636211D for ; Wed, 28 Aug 2019 16:43:28 -0400 (EDT) To: HIP From: Robert Moskowitz Message-ID: <920b8101-60ac-2ef4-9d9e-e4eb2d65663d@htt-consult.com> Date: Wed, 28 Aug 2019 16:43:20 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Archived-At: Subject: [Hipsec] New crypto for HIP X-BeenThere: hipsec@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "This is the official IETF Mailing List for the HIP Working Group." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Aug 2019 20:43:40 -0000 I am a bit frustrated here on delays on a number of fronts. I have been working silently to put some final touches on DEX and discussions on Native NAT. But more time on Hierarchical HITs, along with advancements in cryptography. I am looking for a co-author that is familiar with HIP's crypto use and Edward Curves and Keccek.  The goal is to provide all HIP crypto with these new algorithms.  A device will not need any of the old asymmetric or symmetric crypto if it follows this draft. Of course that violates some of the MUSTs in BEX, but I am thinking about how to finesse that in constrained environments... Bob