[cabfpub] Pre-Ballot 164 - Certificate Serial Number Entropy
Erwann Abalea
Erwann.Abalea at docusign.com
Fri Apr 15 14:44:06 UTC 2016
Hello,
20 bits of entropy is the same as 20 unpredictable bits.
Whence, 64 bits of entropy is a higher requirement than 20 bits of entropy.
Regards,
Erwann Abalea
On 15 Apr 2016 at 16:32, Ben Wilson <ben.wilson at digicert.com> wrote:
Forwarding
From: Man Ho (Certizen) [mailto:manho at certizen.com]
Sent: Thursday, April 14, 2016 7:51 PM
To: Ben Wilson <ben.wilson at digicert.com>; Ryan Sleevi <sleevi at google.com>
Cc: public at cabforum.org
Subject: Re: [cabfpub] Pre-Ballot 164 - Certificate Serial Number Entropy
Ben,
We had already changed our system to issue SSL certificates with 20 hexadecimal characters of at least 20 bits of entropy since 2014. I'm just wondering why the requirement is changed from "bits of entropy" to "unpredictable bits", as I don't understand the conversion (like "cm" to "inch" :). I don't know whether our software vendor understands it.
Man
On 4/15/2016 4:24 AM, Ben Wilson wrote:
You’re right, given a randomly generated 20-byte serial number, you have 159 unpredictable bits.
From: Ryan Sleevi [mailto:sleevi at google.com]
Sent: Thursday, April 14, 2016 2:03 PM
To: Ben Wilson <ben.wilson at digicert.com>
Cc: Man Ho (Certizen) <manho at certizen.com>; public at cabforum.org
Subject: Re: [cabfpub] Pre-Ballot 164 - Certificate Serial Number Entropy
Ben:
Are you sure your math is correct? A serial number is 20 bytes, with the high bit needing to be 1 (for the encoding of positive INTEGERS within DER). This leaves 159 bits for entropy. So you certainly can't have more unpredictable bits than that :)
On Thu, Apr 14, 2016 at 12:59 PM, Ben Wilson <ben.wilson at digicert.com> wrote:
Man,
Have you had a chance to do further research on the capabilities of your system? Our CA issues certificates with 32 hexadecimal characters for the serial number. There are 4 bits of entropy for each hexadecimal character. Therefore, our serial numbers have 128 bits of entropy and 16*32 = 512 unpredictable bits. An 8-hexadecimal character serial number would have 32 bits of entropy and 128 unpredictable bits. A 20-bit entropy would be equal to 5 hexadecimal characters, or 80 unpredictable bits, so it seems like this is a downgrade to go to 64 unpredictable bits. Am I right?
Ben
From: Man Ho (Certizen) [mailto:manho at certizen.com]
Sent: Wednesday, March 23, 2016 12:27 AM
To: Ben Wilson <ben.wilson at digicert.com>; public at cabforum.org
Subject: Re: [cabfpub] Pre-Ballot 164 - Certificate Serial Number Entropy
Hi all,
Is the meaning of "at least 64 unpredictable bits" setting the same or a higher requirement than "at least 20 bits of entropy"? I'm not quite sure whether our certificate generation software has this setting in itself.
Cheers
Man
On 3/1/2016 12:21 AM, Ben Wilson wrote:
REPLACE
"CAs SHOULD generate non-sequential Certificate serial numbers that exhibit at least 20 bits of entropy"
WITH
"Effective April 1, 2016, CAs SHALL use a Certificate serialNumber greater than zero (0) that contains at least 64 unpredictable bits."
_______________________________________________
Public mailing list
Public at cabforum.org
https://cabforum.org/mailman/listinfo/public
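The thread turns on two numbers: the 159 unpredictable bits Ryan derives for a 20-byte serial, and the 64 unpredictable bits the ballot requires. The following is an added example, not code from the thread or from any CA's issuance system, showing how a CA would draw such a serial from a CSPRNG and what a linter can and cannot check afterwards. It assumes the RFC 5280 rule that serialNumber is a positive INTEGER of at most 20 octets, and it reads "unpredictable bits" as bits taken from CSPRNG output, less the one bit fixed at zero to keep the DER encoding positive. Function names are this example's own.

```python
import secrets
from math import ceil

# RFC 5280 section 4.1.2.2: serialNumber MUST be a positive INTEGER and
# conforming CAs MUST NOT use values longer than 20 octets.
MAX_SERIAL_OCTETS = 20


def unpredictable_bits(num_random_bytes: int) -> int:
    """Unpredictable bits left from num_random_bytes of CSPRNG output once the
    most significant bit is forced to 0 so the DER INTEGER stays positive.
    For 20 bytes this is 159, the figure discussed in the thread."""
    if num_random_bytes < 1:
        raise ValueError("need at least one random byte")
    return 8 * num_random_bytes - 1


def random_bytes_needed(min_unpredictable_bits: int) -> int:
    """Smallest number of CSPRNG bytes that still carries at least
    min_unpredictable_bits after the sign bit is cleared (64 bits -> 9 bytes)."""
    return ceil((min_unpredictable_bits + 1) / 8)


def der_integer_octets(value: int) -> int:
    """Content octets DER uses for a positive INTEGER. DER is two's complement,
    so a value whose top bit is set needs a leading 0x00 padding octet."""
    if value <= 0:
        raise ValueError("serialNumber must be positive")
    n = (value.bit_length() + 7) // 8
    if (value >> (8 * n - 1)) & 1:
        n += 1
    return n


def generate_serial(num_random_bytes: int = 20) -> int:
    """Draw num_random_bytes from the OS CSPRNG, clear the top bit so the
    encoded INTEGER is positive without a padding octet, and reject the
    (astronomically unlikely) all-zero draw so the serial is strictly > 0."""
    if not 1 <= num_random_bytes <= MAX_SERIAL_OCTETS:
        raise ValueError(f"num_random_bytes must be in 1..{MAX_SERIAL_OCTETS}")
    while True:
        raw = bytearray(secrets.token_bytes(num_random_bytes))
        raw[0] &= 0x7F  # sign bit off: positive value, still at most 20 octets
        serial = int.from_bytes(raw, "big")
        if serial > 0:
            return serial


def check_serial(serial: int) -> bool:
    """Structural checks a linter can apply to an issued serial: positive and
    encodable in at most 20 DER octets. Whether the bits were drawn from a
    CSPRNG cannot be judged from one value; that is a property of the process,
    not of the number."""
    return serial > 0 and der_integer_octets(serial) <= MAX_SERIAL_OCTETS


if __name__ == "__main__":
    n = random_bytes_needed(64)
    s = generate_serial(n)
    print(f"{n} random bytes give {unpredictable_bits(n)} unpredictable bits")
    print(f"serial {s:x} -> {der_integer_octets(s)} DER octets, ok={check_serial(s)}")
```

Two points the code makes concrete: a hexadecimal digit from a CSPRNG is worth 4 bits, so counts of "unpredictable bits" above 4 per hex character (or above 159 in total) cannot be right, and clearing the sign bit rather than prepending 0x00 is what keeps a 20-byte random draw inside the 20-octet limit.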