From owner-freebsd-security@freebsd.org Tue Jul 12 09:43:20 2016
From: Andrey Chernov
Date: Tue, 12 Jul 2016 12:36:29 +0300
Subject: Re: GOST in OPENSSL_BASE
To: Kevin Oberman
Cc: Slawa Olhovchenkov, Jung-uk Kim, freebsd-security@freebsd.org, FreeBSD Current
Message-ID: <9ef020b8-077c-b7a7-bfa5-ddb51f85e632@freebsd.org>
In-Reply-To: <673ea9f5-e5e5-91e0-5bd1-2119c2f7b493@freebsd.org>

On 12.07.2016 12:16, Andrey Chernov wrote:
> On 12.07.2016 8:48, Kevin Oberman wrote:
>> >> Maybe need to file a PR for dns/bind910?
>> >>
>> >> # grep -3 BROK /poudriere/ports/default/dns/bind910/Makefile
>> >> .include >
>> >>
>> >> .if ( ${PORT_OPTIONS:MGOST} || ${PORT_OPTIONS:MGOST_ASN1} ) && ${SSL_DEFAULT} == base
>> >> BROKEN= OpenSSL from the base system does not support GOST, add \
>> >> DEFAULT_VERSIONS+=ssl=openssl to your /etc/make.conf and rebuild everything \
>> >> that needs SSL.
>> >> .endif
>> >>
>> >
>> > I dislike the idea to use GOST in the bind, it is unneeded there, DNSSEC
>> > doesn't use GOST, so I vote for removing the GOST option from there.
>> >
>>
>> I need to note that an RFC exists, proposing GOST (old version) for DNSSEC:
>> https://tools.ietf.org/html/rfc5933
>> but nobody really uses it.
>>
>> In case people are not aware of it, Russian law now requires ALL
>> encrypted traffic must either be accessible by the FSB or that the
>> private keys must be available to the FSB.
>
> It is not quite so.
> All traffic must be available for 6 months and they
> express intention to ask big companies for their private keys, but the latter
> is not required by the law (not yet...)
>
>> I have always assumed that
>> GOST has a hidden vulnerability/backdoor that the FSB is already using,
>
> I already answered this question elsewhere in this thread with the reference.
>
>> but this makes it mandatory. Putin gave the FSB 2 weeks to implement the
>> law, which is clearly impossible, but I suspect that there will be a
>> huge effort to pick all low-hanging fruit. As a result, I suspect no one
>> outside of Russia will touch GOST. (Not that they do now, either.) I'd
>> hate to see its support required for any protocol except in Russia as
>> someone will be silly enough to use it.
>
> I already explained the required GOST usage pattern in this thread.
>

Ah, I see, the freebsd-current list was excluded by someone, so I repeat what I wrote:

Official document workflow here requires using GOST signatures for authenticity and consistency verification; they are needed or, in some cases, required for both people and companies. Since it is official in any case, there is no harm in having an FSB backdoor in the algo, unless some hacker finds it. Just don't use GOST for something else, to stay on the safe side.

BTW, the latest GOST is based on elliptic curves, so from a math point of view the probability of having a backdoor here is minimal. I didn't examine its implementation. See
https://ru.wikipedia.org/wiki/%D0%93%D0%9E%D0%A1%D0%A2_%D0%A0_34.10-2012

You can consider that GOST's goals are the same as the FIPS ones, with the reason being to have things "domestically produced".