edugain-discuss AT lists.geant.org
Subject: An open discussion list for topics related to the eduGAIN interfederation service.
List archive
- From: Alex Stuart <Alex.Stuart AT jisc.ac.uk>
- To: "edugain-discuss AT lists.geant.org" <edugain-discuss AT lists.geant.org>
- Subject: Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream
- Date: Tue, 7 Jun 2022 08:43:13 +0000
- Accept-language: en-GB, en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jisc.ac.uk; dmarc=pass action=none header.from=jisc.ac.uk; dkim=pass header.d=jisc.ac.uk; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Px0OnB6xiDTs9yyAiWSJmOnMX1ImI2veFNQsyMiX8po=; b=b7IcTo09JQ6Wg09XrK0CvOB32cyXI20tTf5psq41tiDr6/9xhlHo4kOIHiFjY1hei1z1GtdJ0Eo+SslB/mvfzNcHaMUuInoQHI4X5TqFbKhq5lMxBoO9r3y3T3Dx2P4VAk/VwQpmjZInlDltYZ0pD7ugOx1hwNAwGMcnjveNbX4gNin66mwBZr39c9OhFKixgTRmaOw4hvewwKpeZNFN8ZH5kMHmxoF51gPEa65y0J2dZJknZhggRDYxDvLUQEzJYyVPUropyBZXfmZUtA6bfsH3dJpYOfsjcbgb1zmky2tTkxU5dBLlsxPtnm0ECDzwPW/HCFfkPhzPrIbhke8vEg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dGSA/HMZz7XGtmBqK0AnjJBo4pPQy5Q1NgiQtZNUO2NQ8XmVIOsuMyk0QqZYE9WbpdEYiHi3fnbVD9HOhJSnJNa3g/ykFMp/6YV8+R4WzzHlfgS3AauLy7G8gVMToFkTZKm/JDJUjrifa7IEuvUfcQYXME04Ca2hZOgb7KJK1avCMzhSx0IpkKuzkABpw85JPAx5+HRQlUlbkyeCdu9c5njLOGNyoz1OiiYJg2I0xe4m4Z48cz5Qm+GUGZAJi44NEKt7K4tLE/Uk5ibxbKjmTZ7YaZ39bI69rP4Bm7CyMtmEdHmby6VypOgrEVsYwUsZrZ/xKXwrldp32F+48KwVIg==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=jisc.ac.uk;
Hi Nicole, I'm giving a UK federation update at the REFEDS meeting so will
mention this. I'm around until the TNC closing plenary on Thursday & happy to
chat informally during the week.
Alex
> On 3 Jun 2022, at 16:11, Nicole Roy <nroy AT internet2.edu> wrote:
>
> Thanks Alex, this is really good/important information. I’m wondering if
> this might be a good thing to discuss at, say, the upcoming REFEDS meeting?
>
> Nicole R
>
>> On Jun 3, 2022, at 8:47 AM, Alex Stuart <Alex.Stuart AT jisc.ac.uk> wrote:
>>
>> Dear Colleagues,
>>
>> We in the UK federation team are reviewing the cryptographic strength of
>> our metadata publication service. Integrity & authenticity of our
>> aggregates (including our eduGAIN upstream feed) is provided by a 2K RSA
>> key, SHA-256 signature and digest algorithms. We are using a 4K RSA key in
>> our MDQ service, and considered the questions: should we be migrating to
>> the 4K key, and by when? TL;DR Yes, by 2030.
>>
>> I hope our analysis is interesting for the member federations of eduGAIN.
>>
>> We have taken the eduGAIN upstream feeds from the eduGAIN API [0] and
>> determined the cryptographic parameters of each. The data below presents
>> the triples (RSA key size, signature algorithm, digest algorithm) and the
>> number of eduGAIN upstream feeds which use that triple.
>>
>> (2048, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
>> 'http://www.w3.org/2001/04/xmlenc#sha256'): 34
>> (3072, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
>> 'http://www.w3.org/2001/04/xmlenc#sha256'): 4
>> (4096, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
>> 'http://www.w3.org/2001/04/xmlenc#sha256'): 32
>> (4096, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512',
>> 'http://www.w3.org/2001/04/xmlenc#sha512'): 1
>>
>> Given this data, I've collated security strengths as per tables 2 and 3 of
>> NIST SP 800-57 part 1 rev 5 [1] and the footnotes to table 1 in the
>> implementation guide for FIPS 140-2 [2] to determine:
>>
>> - For the first triple, the key size of 2048 is the limiting factor.
>> Strength 112.
>> - For the second triple, all three quantities have estimated strength 128.
>> - For the third triple, increasing the key size to 4K (strength 150
>> according to the formula in [2]) does not increase the strength above 128
>> because the algorithms limit strength to 128
>> - For the last triple, the algorithms have strength > 256 and it's key
>> size that's the limiting factor again. Strength 150.
>>
>> The UK federation feed is one of the 34 federations in the top line of the
>> data. Is that a bad thing? Not necessarily. We still conform to the
>> eduGAIN profile [3]. And NIST estimate that this is acceptable through
>> 2030 (Table 4 of [1]).
>>
>> We have a migration route to higher strength that is available by
>> transitioning to the 4K MDQ key. We intend to do this in the next couple
>> of years as we re-engineer our metadata publication toolchain.
>>
>> We note that the Romanian federation uses SHA-512 algorithms in its
>> eduGAIN upstream and with its federation members (which include Shibboleth
>> and simpleSAMLphp entities) so there is a route to higher strength for our
>> eduGAIN upstream and domestically once we have transitioned to the 4K key.
>>
>> Any comments, advice or gotchas gratefully received.
>>
>> Regards,
>> Alex
>>
>> [0] Documentation of eduGAIN database access API
>> https://technical.edugain.org/api
>>
>> [1] Recommendation for key management
>> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf
>>
>> [2] Implementation Guidance for FIPS 140-2 and the Cryptographic Module
>> Validation Program
>> https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/fips140-2/fips1402ig.pdf
>>
>> [3] eduGAIN SAML profile
>> https://technical.edugain.org/doc/eduGAIN-saml-profile.pdf
>>
>> —
>> Alex Stuart (he/him)
>> Technical Development Manager (Trust and Identity)
>> alex.stuart AT jisc.ac.uk
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Jisc is a registered charity (number 1149740) and a company limited by
>> guarantee which is registered in England under company number. 05747339,
>> VAT number GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane,
>> Bristol, BS1 6NB. T 0203 697 5800.
>>
>>
>> Jisc Services Limited is a wholly owned Jisc subsidiary and a company
>> limited by guarantee which is registered in England under company number
>> 02881024, VAT number GB 197 0632 86. The registered office is: 4 Portwall
>> Lane, Bristol, BS1 6NB. T 0203 697 5800.
>>
>>
>> Jisc Commercial Limited is a wholly owned Jisc subsidiary and a company
>> limited by shares which is registered in England under company number
>> 09316933, VAT number GB 197 0632 86. The registered office is: 4 Portwall
>> Lane, Bristol, BS1 6NB. T 0203 697 5800.
>>
>>
>> For more details on how Jisc handles your data see our privacy notice
>> here: https://www.jisc.ac.uk/website/privacy-notice
>
—
Alex Stuart (he/him)
Technical Development Manager (Trust and Identity)
alex.stuart AT jisc.ac.uk
- [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Alex Stuart, 03-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Nicole Roy, 03-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Alex Stuart, 06/07/2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Nicole Roy, 07-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Alex Stuart, 06/07/2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Peter Brand, 04-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Alex Stuart, 07-Jun-2022
- Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream, Nicole Roy, 03-Jun-2022
Archive powered by MHonArc 2.6.19.