Skip to Content.
Sympa Menu

edugain-discuss - Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream

edugain-discuss AT lists.geant.org

Subject: An open discussion list for topics related to the eduGAIN interfederation service.

List archive

Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream


Chronological Thread 
  • From: Nicole Roy <nroy AT internet2.edu>
  • To: Alex Stuart <Alex.Stuart AT jisc.ac.uk>
  • Cc: "edugain-discuss AT lists.geant.org" <edugain-discuss AT lists.geant.org>
  • Subject: Re: [eduGAIN-discuss] Cryptographic strength of UK federation eduGAIN upstream
  • Date: Tue, 7 Jun 2022 14:58:15 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=internet2.edu; dmarc=pass action=none header.from=internet2.edu; dkim=pass header.d=internet2.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hBYBDUiDlfNMpVq5Wj5yGzg8FS2ChZ9Wa7MjL8Jg+LM=; b=oYS/hTqqTckZZx7KliwkhAFhx142iGotu82bOal/koh560NXxwytQPgvPnhRB8B18/j0HZymjv3GkRsGM1fHdXZS/EP1ugHNZvUYKUMFbBJ+JuVbD0zKJyc2tLU9BBF3kTYVX1BbWUeNhVJ6DwUH3DfVTyZS6VaDXxZmrJh482h3Dsk0qcLIH98EZl8oml5nA1/mKG9vAA4lS7E3sc9lGboUcggSq8YAAGKObJNopaSUlh/vF0LqTgmnTlO92JzL4nuByWp6uLY2LkZTtANLoUysukoR8NQ1IRHn/sHhpm9tuFwF20wao7r0rNMQ9unRmpih0LLB675uYudYSCQxZA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=d4vRcgaeHVniZt6vlrdBcwl6WssWoi+SSU7ewH6S7ZatfrsZ+b6eIZ9r2BolLCdeUjj43paSNNroVVzafdlLFDXa4a75EA8l3YRdDda/AzYgoaDiL6gJ+rYheg9t9SvMjE2EuK/tnn11UkaMcloiibKG5/jNBVZ3Hvlob+Wz+NjywRLjYxD3Id6MaI2BrI3X3OW1H9a9p+oZT9qSWnLW0g5gtTimEZV/A/kioQPcNqoj8gme1YGVz5xnl33VuYVhXG/h+EQvTWC+PUT+FxQfWotbGc/x5/kL/mr8NGti0QHX1OY70DejtP+DEwFhHHcDCw8a8KPugvXWCdS/8aomfw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=internet2.edu;

Thanks! See you in Trieste!

> On Jun 7, 2022, at 2:43 AM, Alex Stuart <Alex.Stuart AT jisc.ac.uk> wrote:
>
> Hi Nicole, I'm giving a UK federation update at the REFEDS meeting so will
> mention this. I'm around until the TNC closing plenary on Thursday & happy
> to chat informally during the week.
>
> Alex
>
>> On 3 Jun 2022, at 16:11, Nicole Roy <nroy AT internet2.edu> wrote:
>>
>> Thanks Alex, this is really good/important information. I’m wondering if
>> this might be a good thing to discuss at, say, the upcoming REFEDS meeting?
>>
>> Nicole R
>>
>>> On Jun 3, 2022, at 8:47 AM, Alex Stuart <Alex.Stuart AT jisc.ac.uk> wrote:
>>>
>>> Dear Colleagues,
>>>
>>> We in the UK federation team are reviewing the cryptographic strength of
>>> our metadata publication service. Integrity & authenticity of our
>>> aggregates (including our eduGAIN upstream feed) is provided by a 2K RSA
>>> key, SHA-256 signature and digest algorithms. We are using a 4K RSA key
>>> in our MDQ service, and considered the questions: should we be migrating
>>> to the 4K key, and by when? TL;DR Yes, by 2030.
>>>
>>> I hope our analysis is interesting for the member federations of eduGAIN.
>>>
>>> We have taken the eduGAIN upstream feeds from the eduGAIN API [0] and
>>> determined the cryptographic parameters of each. The data below presents
>>> the triples (RSA key size, signature algorithm, digest algorithm) and the
>>> number of eduGAIN upstream feeds which use that triple.
>>>
>>> (2048, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
>>> 'http://www.w3.org/2001/04/xmlenc#sha256'): 34
>>> (3072, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
>>> 'http://www.w3.org/2001/04/xmlenc#sha256'): 4
>>> (4096, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
>>> 'http://www.w3.org/2001/04/xmlenc#sha256'): 32
>>> (4096, 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512',
>>> 'http://www.w3.org/2001/04/xmlenc#sha512'): 1
>>>
>>> Given this data, I've collated security strengths as per tables 2 and 3
>>> of NIST SP 800-57 part 1 rev 5 [1] and the footnotes to table 1 in the
>>> implementation guide for FIPS 140-2 [2] to determine:
>>>
>>> - For the first triple, the key size of 2048 is the limiting factor.
>>> Strength 112.
>>> - For the second triple, all three quantities have estimated strength 128.
>>> - For the third triple, increasing the key size to 4K (strength 150
>>> according to the formula in [2]) does not increase the strength above 128
>>> because the algorithms limit strength to 128
>>> - For the last triple, the algorithms have strength > 256 and it's key
>>> size that's the limiting factor again. Strength 150.
>>>
>>> The UK federation feed is one of the 34 federations in the top line of
>>> the data. Is that a bad thing? Not necessarily. We still conform to the
>>> eduGAIN profile [3]. And NIST estimate that this is acceptable through
>>> 2030 (Table 4 of [1]).
>>>
>>> We have a migration route to higher strength that is available by
>>> transitioning to the 4K MDQ key. We intend to do this in the next couple
>>> of years as we re-engineer our metadata publication toolchain.
>>>
>>> We note that the Romanian federation uses SHA-512 algorithms in its
>>> eduGAIN upstream and with its federation members (which include
>>> Shibboleth and simpleSAMLphp entities) so there is a route to higher
>>> strength for our eduGAIN upstream and domestically once we have
>>> transitioned to the 4K key.
>>>
>>> Any comments, advice or gotchas gratefully received.
>>>
>>> Regards,
>>> Alex
>>>
>>> [0] Documentation of eduGAIN database access API
>>> https://technical.edugain.org/api
>>>
>>> [1] Recommendation for key management
>>> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf
>>>
>>> [2] Implementation Guidance for FIPS 140-2 and the Cryptographic Module
>>> Validation Program
>>> https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/fips140-2/fips1402ig.pdf
>>>
>>> [3] eduGAIN SAML profile
>>> https://technical.edugain.org/doc/eduGAIN-saml-profile.pdf
>>>
>>> —
>>> Alex Stuart (he/him)
>>> Technical Development Manager (Trust and Identity)
>>> alex.stuart AT jisc.ac.uk
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> Jisc is a registered charity (number 1149740) and a company limited by
>>> guarantee which is registered in England under company number. 05747339,
>>> VAT number GB 197 0632 86. Jisc’s registered office is: 4 Portwall Lane,
>>> Bristol, BS1 6NB. T 0203 697 5800.
>>>
>>>
>>> Jisc Services Limited is a wholly owned Jisc subsidiary and a company
>>> limited by guarantee which is registered in England under company number
>>> 02881024, VAT number GB 197 0632 86. The registered office is: 4 Portwall
>>> Lane, Bristol, BS1 6NB. T 0203 697 5800.
>>>
>>>
>>> Jisc Commercial Limited is a wholly owned Jisc subsidiary and a company
>>> limited by shares which is registered in England under company number
>>> 09316933, VAT number GB 197 0632 86. The registered office is: 4 Portwall
>>> Lane, Bristol, BS1 6NB. T 0203 697 5800.
>>>
>>>
>>> For more details on how Jisc handles your data see our privacy notice
>>> here: https://www.jisc.ac.uk/website/privacy-notice
>>
>
>
> Alex Stuart (he/him)
> Technical Development Manager (Trust and Identity)
> alex.stuart AT jisc.ac.uk
>
>
>
>
>
>
>
>

Attachment: signature.asc
Description: Message signed with OpenPGP




Archive powered by MHonArc 2.6.19.

Top of Page