Re: [TLS] Draft for SM cipher suites used in TLS1.3
Hi Rene: Thanks a lot for the comment. > On Aug 15, 2019, at 11:34 PM, Rene Struik wrote: > > Hi Paul: > > I tried and look up the documents GMT.0009-2012 and GBT.32918.5-2016 on the > (non-secured) websites you referenced, but only found Chinese versions (and > Chinese website navigation panels [pardon my poor language skills here]). > Since the ISO documents are not available to the general public without > payment, it would be helpful to have a freely available document (in English) > from an authoritative source. Having such a reference available would be > helpful to the IETF community (and researchers). Please note that BSI > provides its specifications in German and English, so as to foster use/study > by the community. If the Chinese national algorithms would be available in > similar form, this would serve a similar purpose. We also struggled with what references to use when this draft was being written. As far as I know, there are not many official English translations for the SM algorithms freely available online. But there are some not that ‘official’ expired I-Ds posted to CFRG, they are all well organized and accurate documents on SM algorithms. Here is a list of them: SM2: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 SM3: https://tools.ietf.org/html/draft-sca-cfrg-sm3-02 SM4: https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10 (No AEAD mode) When OpenSSL (and maybe BouncyCastle) started to accept these algorithms, the above drafts were mainly referenced. Unfotuantely I can’t find translation for GMT.0009-2012 online at current stage. So if you want to take a quick glance on how the algorithms are designed, the above links could be used. Meanwhile, we are now seeking official translations as well, will update the draft if we find any. > > FYI - I am interested in full details and some time last year I tried to > download specs, but only Parts 2, 4, and 5 were available [1], [2], [3], not > Parts 1 and 3. Part 1 is the generic information mainly on elliptic curve and Part 3 describes a key exchange scheme by using SM2 (including shared key derivation scheme). Actually Part 2 (the [2]) describes SM2 in ISO/IEC 14888-3:2018 and Part 5 (the [1]) is exactly GBT.32918.5-2016, as you mentioned above. Both of Part 2 and Part 5 could be used as references to this proposed new draft. Let me figure out the availability of Parts 1 & 3... > > Best regards, Rene > > [1] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 5 > - Parameter Definition (SEMB, July 24, 2018) > [2] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 2 > - Digital Signature Algorithm (SEMB, July 24, 2018) > [3] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 4 > - Public Key Encryption Algorithm (SEMB, July 24, 2018) > > On 8/15/2019 10:16 AM, Paul Yang wrote: >> Hi all, >> >> I have submitted a new internet draft to introduce the SM cipher suites into >> TLS 1.3 protocol. >> >> https://tools.ietf.org/html/draft-yang-tls-tls13-sm-suites-00 >> >> SM cryptographic algorithms are originally a set of Chinese national >> algorithms and now have been (or being) accepted by ISO as international >> standards, including SM2 signature algorithm, SM3 hash function and SM4 >> block cipher. These algorithms have already been supported some time ago by >> several widely used open source cryptographic libraries including >>OpenSSL, BouncyCastle, Botan, etc. >> >> Considering TLS1.3 is being gradually adopted in China's internet industry, >> it's important to have a normative definition on how to use the SM >> algorithms with TLS1.3, especially for the mobile internet scenario. Ant >> Financial is the company who develops the market leading mobile app 'Alipay' >> and supports payment services for Alibaba e-commerce business. We highly are >> depending on the new TLS1.3 protocol for both performance and security >> purposes. We expect to have more deployment of TLS1.3 capable applications >> in China's internet industry by this standardization attempts. >> >> It's very appreciated to have comments from the IETF TLS list :-) >> >> Many thanks! >> >> >> ___ >> TLS mailing list >> >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls > > > -- > email: > rstruik@gmail.com > | Skype: rstruik > cell: +1 (647) 867-5658 | US: +1 (415) 690-7363 > ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] Draft for SM cipher suites used in TLS1.3
Hi Rene: Thanks a lot for the comment. > On Aug 15, 2019, at 11:34 PM, Rene Struik wrote: > > Hi Paul: > > I tried and look up the documents GMT.0009-2012 and GBT.32918.5-2016 on the > (non-secured) websites you referenced, but only found Chinese versions (and > Chinese website navigation panels [pardon my poor language skills here]). > Since the ISO documents are not available to the general public without > payment, it would be helpful to have a freely available document (in English) > from an authoritative source. Having such a reference available would be > helpful to the IETF community (and researchers). Please note that BSI > provides its specifications in German and English, so as to foster use/study > by the community. If the Chinese national algorithms would be available in > similar form, this would serve a similar purpose. We also struggled with what references to use when this draft was being written. As far as I know, there are not many official English translations for the SM algorithms freely available online. But there are some not that ‘official’ expired I-Ds posted to CFRG, they are all well organized and accurate documents on SM algorithms. Here is a list of them: SM2: https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 SM3: https://tools.ietf.org/html/draft-sca-cfrg-sm3-02 SM4: https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10 (No AEAD mode) When OpenSSL (and maybe BouncyCastle) started to accept these algorithms, the above drafts were mainly referenced. Unfotuantely I can’t find translation for GMT.0009-2012 online at current stage. So if you want to take a quick glance on how the algorithms are designed, the above links could be used. Meanwhile, we are now seeking official translations as well, will update the draft if we find any. > > FYI - I am interested in full details and some time last year I tried to > download specs, but only Parts 2, 4, and 5 were available [1], [2], [3], not > Parts 1 and 3. Part 1 is the generic information mainly on elliptic curve and Part 3 describes a key exchange scheme by using SM2 (including shared key derivation scheme). Actually Part 2 (the [2]) describes SM2 in ISO/IEC 14888-3:2018 and Part 5 (the [1]) is exactly GBT.32918.5-2016, as you mentioned above. Both of Part 2 and Part 5 could be used as references to this proposed new draft. Let me figure out the availability of Parts 1 & 3... > > Best regards, Rene > > [1] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 5 > - Parameter Definition (SEMB, July 24, 2018) > [2] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 2 > - Digital Signature Algorithm (SEMB, July 24, 2018) > [3] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 4 > - Public Key Encryption Algorithm (SEMB, July 24, 2018) > > On 8/15/2019 10:16 AM, Paul Yang wrote: >> Hi all, >> >> I have submitted a new internet draft to introduce the SM cipher suites into >> TLS 1.3 protocol. >> >> https://tools.ietf.org/html/draft-yang-tls-tls13-sm-suites-00 >> >> SM cryptographic algorithms are originally a set of Chinese national >> algorithms and now have been (or being) accepted by ISO as international >> standards, including SM2 signature algorithm, SM3 hash function and SM4 >> block cipher. These algorithms have already been supported some time ago by >> several widely used open source cryptographic libraries including >>OpenSSL, BouncyCastle, Botan, etc. >> >> Considering TLS1.3 is being gradually adopted in China's internet industry, >> it's important to have a normative definition on how to use the SM >> algorithms with TLS1.3, especially for the mobile internet scenario. Ant >> Financial is the company who develops the market leading mobile app 'Alipay' >> and supports payment services for Alibaba e-commerce business. We highly are >> depending on the new TLS1.3 protocol for both performance and security >> purposes. We expect to have more deployment of TLS1.3 capable applications >> in China's internet industry by this standardization attempts. >> >> It's very appreciated to have comments from the IETF TLS list :-) >> >> Many thanks! >> >> >> ___ >> TLS mailing list >> >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls > > > -- > email: > rstruik@gmail.com > | Skype: rstruik > cell: +1 (647) 867-5658 | US: +1 (415) 690-7363 > ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] Draft for SM cipher suites used in TLS1.3
> On Aug 16, 2019, at 5:19 AM, Kyle Rose wrote: > > On Thu, Aug 15, 2019 at 10:17 AM Paul Yang > wrote: > Hi all, > > I have submitted a new internet draft to introduce the SM cipher suites into > TLS 1.3 protocol. > > https://tools.ietf.org/html/draft-yang-tls-tls13-sm-suites-00 > > Corresponding to changes in the IANA registry for TLS Cipher Suites as > specified by RFC 8447 (see section 8 of https://tools.ietf.org/html/rfc8447), > you should add a "recommended" column with the value "N" to changes requested > to the cipher suites registry. Okay, will fix this in next version. > > Additionally, the SignatureAlgorithms registry has been deprecated: its > contents apply only to versions of TLS prior to 1.3. Hmmm, it seems there should not be SignatureAlgorithms registry present in the draft. But I do find other typos of the IANA section, will all fix them in next version. Thanks! > > Kyle > ___ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] Draft for SM cipher suites used in TLS1.3
On Thu, Aug 15, 2019 at 10:17 AM Paul Yang wrote: > Hi all, > > I have submitted a new internet draft to introduce the SM cipher suites > into TLS 1.3 protocol. > > https://tools.ietf.org/html/draft-yang-tls-tls13-sm-suites-00 > Corresponding to changes in the IANA registry for TLS Cipher Suites as specified by RFC 8447 (see section 8 of https://tools.ietf.org/html/rfc8447), you should add a "recommended" column with the value "N" to changes requested to the cipher suites registry. Additionally, the SignatureAlgorithms registry has been deprecated: its contents apply only to versions of TLS prior to 1.3. Kyle ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] Draft for SM cipher suites used in TLS1.3
Hi Paul: I tried and look up the documents GMT.0009-2012 and GBT.32918.5-2016 on the (non-secured) websites you referenced, but only found Chinese versions (and Chinese website navigation panels [pardon my poor language skills here]). Since the ISO documents are not available to the general public without payment, it would be helpful to have a freely available document (in English) from an authoritative source. Having such a reference available would be helpful to the IETF community (and researchers). Please note that BSI provides its specifications in German and English, so as to foster use/study by the community. If the Chinese national algorithms would be available in similar form, this would serve a similar purpose. FYI - I am interested in full details and some time last year I tried to download specs, but only Parts 2, 4, and 5 were available [1], [2], [3], not Parts 1 and 3. Best regards, Rene [1] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 5 - Parameter Definition (SEMB, July 24, 2018) [2] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 2 - Digital Signature Algorithm (SEMB, July 24, 2018) [3] China ECC - Public Key Cryptographic Algorithm SM2 Based on ECC - Part 4 - Public Key Encryption Algorithm (SEMB, July 24, 2018) On 8/15/2019 10:16 AM, Paul Yang wrote: Hi all, I have submitted a new internet draft to introduce the SM cipher suites into TLS 1.3 protocol. https://tools.ietf.org/html/draft-yang-tls-tls13-sm-suites-00 SM cryptographic algorithms are originally a set of Chinese national algorithms and now have been (or being) accepted by ISO as international standards, including SM2 signature algorithm, SM3 hash function and SM4 block cipher. These algorithms have already been supported some time ago by several widely used open source cryptographic libraries including OpenSSL, BouncyCastle, Botan, etc. Considering TLS1.3 is being gradually adopted in China's internet industry, it's important to have a normative definition on how to use the SM algorithms with TLS1.3, especially for the mobile internet scenario. Ant Financial is the company who develops the market leading mobile app 'Alipay' and supports payment services for Alibaba e-commerce business. We highly are depending on the new TLS1.3 protocol for both performance and security purposes. We expect to have more deployment of TLS1.3 capable applications in China's internet industry by this standardization attempts. It's very appreciated to have comments from the IETF TLS list :-) Many thanks! ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls -- email: rstruik@gmail.com | Skype: rstruik cell: +1 (647) 867-5658 | US: +1 (415) 690-7363 ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
