Re: [Cfrg] PAKEs in general (was; Re: draft-irtf-cfrg-dragonfly document status)

Yoav Nir <ynir.ietf@gmail.com> Thu, 09 October 2014 20:53 UTC

To: Paul Lambert <paul@marvell.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/5b4pbDC8WeKHFwU4gd_rmF8hDDY
Cc: "cfrg@irtf.org" <cfrg@irtf.org>

On Oct 9, 2014, at 7:55 PM, Paul Lambert <paul@marvell.com> wrote:

>> 
>> I'll just note that there were also voices (incl. mine) saying:
>> "I really don't care about work on PAKEs. Seems like a waste of
>> time to me. But go ahead and spend time on that if you wish."
> 
> +1 mostly.
> 
> Shared passwords are architecturally problematic.  There are
> more useable ways to authenticate.

I wish I had a dollar for every time someone said that in the last 20 years…

> The 'mostly' is that the Dragonfly draft should be published
> so it can be used a little better in a couple of specific
> environments where it is already being wired into systems.
> Specifically, IEEE 802.11 has the SAE protocol which uses
> the Dragonfly exchange for mesh networks.

That’s the part I don’t understand. Since the first revision of this document, the group made some suggestions for improvement that have been incorporated into the draft. 

We also have Dan’s message ([1]) describing differences between the 802.11 version and this draft, including attacks that work on earlier versions of this draft that don’t work on the 802.11 version.

Given all that, I don’t think this is a document that describes existing practice, in the same vein as an SSLv3 document or a PKCS#12 document. This is a document describing an entirely new PAKE, so it should be judged as such.

Yoav
[1] http://www.ietf.org/mail-archive/web/cfrg/current/msg05210.html