edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Nicole Roy <nroy AT internet2.edu>
- To: Alex Stuart <Alex.Stuart AT jisc.ac.uk>
- Cc: "edugain-discuss AT lists.geant.org" <edugain-discuss AT lists.geant.org>
- Subject: Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream
- Date: Fri, 3 Jun 2022 15:11:47 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=internet2.edu; dmarc=pass action=none header.from=internet2.edu; dkim=pass header.d=internet2.edu; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4bCbp/cXHOU09sA9mibp2CRnW/r5lZmf/kB/7QIdaUU=; b=JfKxeFr7acw3IcmSn0ArwugVVADKtXrebg94diL1oG6U7R7cgClfOMFyrD36LqsSfSGgH6naU88O2XtofbCX6ngPgzFSlKqueQldzC2FIZ+rX3jI0SFPYQg0L2s5OzYbe/jQzcL+8seyD7ZmGLK+8wgRHx28ZYB5zXdfx/0oC1ghsPYHL9hqkX5zi2L16nzmX/SNZr50Du5BE+c+qC/CUhWj+eUgIIvw4Bp0zmqig/Tg1FsGXq06hMBkNMAHIq99Tcu+c8YakO0q+Q8YEtv51mqiNgvYHBu18UpaivvgDzU1m99TzjysnX/LSVMB3cAkk6girmR0WIbHTPAP8OxoLQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oL9LdqbSuU+GJ7+NDXV7XbmlhTC0JjGvsNuuHw1Np61tss+t2VhLmWES/NogOAllrGEFF3thkZYv3ffiaIKBUHanuuyG0BOBPqWA85k5jhg8x5g6Sl7FjaSoE05aJPA8cAgicvbXWcyO5YjSoUo9lXpWrxgp4D1cupQTYPBlX0FIufZTNGfw4gp7cT7P9QW6PURWg6UzN2+ll3+0sGg3q+u0J6jV/QZQUbeqAOptI6YhS8ZkEJ+RvXKeVbLsgeWRva2HqVhGlWwsAOvXJpOCdS8We++rllR5UtqyxIx1I6Y/j+sN8pFHEE9hcfU8wjM23rp4mix7QKPe11l77GJ/PQ==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=internet2.edu;
Thanks Alex, this is really good/important information. I’m wondering if this
might be a good thing to discuss at, say, the upcoming REFEDS meeting?
Nicole R
> On Jun 3, 2022, at 8:47 AM, Alex Stuart <Alex.Stuart AT jisc.ac.uk> wrote:
>
> Dear Colleagues,
>
> We in the UK federation team are reviewing the cryptographic strength of
> our metadata publication service. Integrity & authenticity of our
> aggregates (including our eduGAIN upstream feed) is provided by a 2K RSA
> key, SHA-256 signature and digest algorithms. We are using a 4K RSA key in
> our MDQ service, and considered the questions: should we be migrating to
> the 4K key, and by when? TL;DR Yes, by 2030.
>
> I hope our analysis is interesting for the member federations of eduGAIN.
>
> We have taken the eduGAIN upstream feeds from the eduGAIN API [0] and
> determined the cryptographic parameters of each. The data below presents
> the triples (RSA key size, signature algorithm, digest algorithm) and the
> number of eduGAIN upstream feeds which use that triple.
>
> (2048, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
> 'http://www.w3.org/2001/04/xmlenc#sha256'): 34
> (3072, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
> 'http://www.w3.org/2001/04/xmlenc#sha256'): 4
> (4096, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
> 'http://www.w3.org/2001/04/xmlenc#sha256'): 32
> (4096, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512',
> 'http://www.w3.org/2001/04/xmlenc#sha512'): 1
>
> Given this data, I've collated security strengths as per tables 2 and 3 of
> NIST SP 800-57 part 1 rev 5 [1] and the footnotes to table 1 in the
> implementation guide for FIPS 140-2 [2] to determine:
>
> - For the first triple, the key size of 2048 is the limiting factor.
> Strength 112.
> - For the second triple, all three quantities have estimated strength 128.
> - For the third triple, increasing the key size to 4K (strength 150
> according to the formula in [2]) does not increase the strength above 128
> because the algorithms limit strength to 128
> - For the last triple, the algorithms have strength > 256 and it's key size
> that's the limiting factor again. Strength 150.
>
> The UK federation feed is one of the 34 federations in the top line of the
> data. Is that a bad thing? Not necessarily. We still conform to the eduGAIN
> profile [3]. And NIST estimate that this is acceptable through 2030 (Table
> 4 of [1]).
>
> We have a migration route to higher strength that is available by
> transitioning to the 4K MDQ key. We intend to do this in the next couple of
> years as we re-engineer our metadata publication toolchain.
>
> We note that the Romanian federation uses SHA-512 algorithms in its eduGAIN
> upstream and with its federation members (which include Shibboleth and
> simpleSAMLphp entities) so there is a route to higher strength for our
> eduGAIN upstream and domestically once we have transitioned to the 4K key.
>
> Any comments, advice or gotchas gratefully received.
>
> Regards,
> Alex
>
> [0] Documentation of eduGAIN database access API
> https://technical.edugain.org/api
>
> [1] Recommendation for key management
> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf
>
> [2] Implementation Guidance for FIPS 140-2 and the Cryptographic Module
> Validation Program
> https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/fips140-2/fips1402ig.pdf
>
> [3] eduGAIN SAML profile
> https://technical.edugain.org/doc/eduGAIN-saml-profile.pdf
>
> —
> Alex Stuart (he/him)
> Technical Development Manager (Trust and Identity)
> alex.stuart AT jisc.ac.uk
>
>
>
>
>
>
>
>
>
> Jisc is a registered charity (number 1149740) and a company limited by
> guarantee which is registered in England under company number. 05747339,
> VAT number GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane,
> Bristol, BS1 6NB. T 0203 697 5800.
>
>
> Jisc Services Limited is a wholly owned Jisc subsidiary and a company
> limited by guarantee which is registered in England under company number
> 02881024, VAT number GB 197 0632 86. The registered office is: 4 Portwall
> Lane, Bristol, BS1 6NB. T 0203 697 5800.
>
>
> Jisc Commercial Limited is a wholly owned Jisc subsidiary and a company
> limited by shares which is registered in England under company number
> 09316933, VAT number GB 197 0632 86. The registered office is: 4 Portwall
> Lane, Bristol, BS1 6NB. T 0203 697 5800.
>
>
> For more details on how Jisc handles your data see our privacy notice here:
> https://www.jisc.ac.uk/website/privacy-notice
Attachment:
signature.asc
Description: Message signed with OpenPGP
- [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Alex Stuart, 03-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Nicole Roy, 06/03/2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Alex Stuart, 07-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Nicole Roy, 07-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Alex Stuart, 07-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Peter Brand, 04-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Alex Stuart, 07-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Nicole Roy, 06/03/2022
Archive powered by MHonArc 2.6.19.