[Cryptography] a question on consensus over algorithmic agility

Christian Huitema huitema at huitema.net
Sat Jun 28 16:14:51 EDT 2014


> There's a very easy way to get around an apparent need for agility, and it's a simple 
> process: Select an algorithm set that is going to give you adequate security throughout 
> the total life of your protocol and then forbid people from using it for things you didn't 
> anticipate or for longer than the life of your protocol.

Actually, that could be a pretty good solution for the crypto version of TCP. By nature, crypto in TCP will have to be negotiated by some kind of SYN option. The option will have to say something like "let's use TCP crypt version N," which means that even if there is only one cipher suite defined for version N, there is still a way out: just define version N+1.

The "whole version" negotiation has the advantage of dealing with protocol bugs as well as algorithm obsolescence, without requiring support of a zoo of algorithms at any given version.

-- Christian Huitema
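The whole-version negotiation Christian describes, sketched as an added example that is not part of this thread or of any real TCP encryption protocol: each version pins exactly one algorithm set, a retired version is simply no longer offered, and the two sides settle on the highest version they both advertise. The option kind, the option encoding, the version table and the suite names are constructed assumptions for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Suite:
    kex: str
    cipher: str
    hash: str

# Constructed version table: one fixed suite per protocol version. Algorithm
# obsolescence or a protocol bug is handled by defining the next version,
# never by adding a second suite to an existing version.
VERSIONS = {
    1: Suite("ecdh-p256", "aes-128-gcm", "sha256"),
    2: Suite("x25519", "chacha20-poly1305", "sha256"),
}
# Versions local policy no longer accepts (e.g. version 1 after a flaw in it).
RETIRED = {1}

OPTION_KIND = 253  # constructed: an experimental option kind, not a real assignment

def offered_versions():
    """Versions this endpoint is willing to advertise in its SYN option."""
    return sorted(v for v in VERSIONS if v not in RETIRED)

def encode_option(versions):
    """Constructed wire form: kind, total length, then one byte per version."""
    body = bytes(versions)
    return bytes([OPTION_KIND, 2 + len(body)]) + body

def parse_option(raw):
    """Reject a malformed option rather than guessing at its contents."""
    if len(raw) < 3 or raw[0] != OPTION_KIND or raw[1] != len(raw):
        raise ValueError("malformed version option")
    return sorted(set(raw[2:]))

def negotiate(local_versions, peer_option):
    """Return (version, suite) for the highest version both sides offer.

    Returns None when there is no common version; a peer that only offers a
    retired version gets no crypto session at all instead of a weaker suite.
    """
    peer_versions = parse_option(peer_option)
    common = [v for v in peer_versions if v in local_versions and v in VERSIONS]
    if not common:
        return None
    chosen = max(common)
    return chosen, VERSIONS[chosen]

if __name__ == "__main__":
    print(negotiate(offered_versions(), encode_option([1, 2])))
    print(negotiate(offered_versions(), encode_option([1])))
```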



More information about the cryptography mailing list