Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-03.txt

David McGrew <mcgrew@cisco.com> Mon, 03 February 2014 21:49 UTC

On 02/03/2014 02:47 PM, Watson Ladd wrote:
>
>
> On Feb 3, 2014 11:27 AM, "Dan Harkins" <dharkins@lounge.org> wrote:
> >
> >
> >   Hello,
> >
> >   I updated the dragonfly draft to incorporate the comments received
> > from Rene and Scott. Please take a look.
> >
>
> It still doesn't compare favorably to JPAKE or SPAKE2. TLS has shown 
> less than zero interest in it. No reduction or evidence for claims
> made is forthcoming. The draft excludes curves with uniform hashing to 
> points.
>
> Why is this specific PAKE a work item and not the other alternatives?
>

You mean like draft-irtf-cfrg-augpake-00?

Drafts are taken up when someone is willing to write one, and there are 
sufficiently many other people that are interested.

> Was this a joke for groundhog day?
>

The sarcasm is not helpful.  Let's stick to a technical discussion.

This draft most certainly should be reviewed, since security concerns 
were raised regarding earlier versions of the draft, especially 
regarding implementation guidance and timing channels.

The process by which CFRG drafts can become RFCs is described in 
http://wiki.tools.ietf.org/html/rfc5743#section-2.1. Note that there is
a paragraph in the RFC that describes the relationship of that work to
the research group. This mechanism enables the sentiment of the RG to
be captured in the RFC.

Let me ask: can you suggest text for the security considerations section 
of this draft that captures your concerns regarding the lack of 
reduction and uniform hashing?

David