Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

6.2.9 and CCM-8 #2485

Open
randomstuff opened this issue Dec 22, 2024 · 6 comments
Open

6.2.9 and CCM-8 #2485

randomstuff opened this issue Dec 22, 2024 · 6 comments
Labels
5) awaiting PR A proposal hs been accepted and reviewed and we are now waiting for a PR V6 _5.0 - prep This needs to be addressed to prepare 5.0

Comments

@randomstuff
Copy link
Contributor

Since #2482, 6.2.9 is:

6.2.9 [ADDED] Verify that all cryptographic primitives utilize a minimum of 128-bits of security based on the algorithm, key size, and configuration. For example, a 256-bit ECC key provides roughly 128 bits of security where RSA requires a 3072-bit key to achieve 128 bits of security.

CCM-8 is still listed in the approved algorithms. However, its authentication tag only has 64 bits of security and does not respect this minimum of 128-bits of security.

There seems to be a conflict between these. How should be fix this?

Possible options:

  • add some exception in 6.2.9 in order to allow CCM-8 in certain contexts ("unless some additional measure to prevent forgery of messages is used");
  • do not approve CCM-8.

I don't have a strong opinion on this and I don't know if CCM-8 is really used/useful nowadays. The safest choice seems to disapprove CCM-8. Unless/until someone come forwards with further input, I would suggest taking this approach.

See as well discussion in #2413 for more info about CCM-8.
@elarlang elarlang added 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet _5.0 - prep This needs to be addressed to prepare 5.0 V6 labels Dec 23, 2024
@jmanico
Copy link
Member

jmanico commented Jan 1, 2025

Seems like getting rid of it is the right way to go.

@tghosth
Copy link
Collaborator

tghosth commented Jan 5, 2025

@randomstuff can you prepare a PR that captures the feedback from this issue and also #2143.

Does using the disclaimer from here help with this issue?
#2413 (comment)

It sounds like they did have a reason for including it so I would be cautious about reversing it.

@tghosth
Copy link
Collaborator

tghosth commented Jan 16, 2025

Ping @randomstuff :)

@randomstuff
Copy link
Contributor Author

Woops sorry, I'll do that!

By the way, I think you linked to the wrong issue in your previous comment :)

@tghosth tghosth added 5) awaiting PR A proposal hs been accepted and reviewed and we are now waiting for a PR and removed 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet labels Jan 16, 2025
@randomstuff
Copy link
Contributor Author

@unprovable, any opinion on this?

@randomstuff randomstuff mentioned this issue Jan 16, 2025
Open
@randomstuff
Copy link
Contributor Author

I searched https://clienttest.ssllabs.com:8443 and did not find a client with support for this (is it supported by the TLS client test?). I made a PR to disapprove it. I believe it won't be missed.

If anyone thinks it should be approved, please comment here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
5) awaiting PR A proposal hs been accepted and reviewed and we are now waiting for a PR V6 _5.0 - prep This needs to be addressed to prepare 5.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jmanico @randomstuff @tghosth @elarlang