[Cfrg] PAKE selection process: Maybe we need a modular approach for integrating authentication of human individuals with TLS?

Björn Haase <bjoern.haase@endress.com> Fri, 19 July 2019 09:45 UTC

Return-Path: <bjoern.haase@endress.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F659120176 for <cfrg@ietfa.amsl.com>; Fri, 19 Jul 2019 02:45:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=endress.com header.b=I4bQ9uZ3; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=endress.com header.b=oLLwAqI1
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wXBySBKtPCBl for <cfrg@ietfa.amsl.com>; Fri, 19 Jul 2019 02:45:11 -0700 (PDT)
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-eopbgr20042.outbound.protection.outlook.com [40.107.2.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 726F3120111 for <cfrg@irtf.org>; Fri, 19 Jul 2019 02:45:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=z/IMDIr4/yVQFyFBSEj5ilhIQ3EL4lUOoFnYlMlHI9U=; b=I4bQ9uZ3GNgX+e2iM+HoTZFUKxEvbAb3MnMMiDQJAqz0ioLaJj48fj6De7i7c0t9Axb00gZsjMVGK+AGxK38+WyrcrcFYcbVv23fWyZGjMoY05O2OWZojLqDIi1nBmL8ciEHRtRPU1KhRKl9pQCf5pAzCMMxShbOBbz/kmxSBu0=
Received: from HE1PR05CA0221.eurprd05.prod.outlook.com (2603:10a6:3:fa::21) by AM7PR05MB6823.eurprd05.prod.outlook.com (2603:10a6:20b:13e::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.12; Fri, 19 Jul 2019 09:45:07 +0000
Received: from VE1EUR03FT059.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e09::207) by HE1PR05CA0221.outlook.office365.com (2603:10a6:3:fa::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2094.12 via Frontend Transport; Fri, 19 Jul 2019 09:45:07 +0000
Authentication-Results: spf=pass (sender IP is 40.68.44.165) smtp.mailfrom=endress.com; irtf.org; dkim=fail (body hash did not verify) header.d=endress.com;irtf.org; dmarc=pass action=none header.from=endress.com;
Received-SPF: Pass (protection.outlook.com: domain of endress.com designates 40.68.44.165 as permitted sender) receiver=protection.outlook.com; client-ip=40.68.44.165; helo=iqsuite.endress.com;
Received: from iqsuite.endress.com (40.68.44.165) by VE1EUR03FT059.mail.protection.outlook.com (10.152.19.60) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2052.18 via Frontend Transport; Fri, 19 Jul 2019 09:45:06 +0000
Received: from mail pickup service by iqsuite.endress.com with Microsoft SMTPSVC; Fri, 19 Jul 2019 11:45:05 +0200
Received: from EUR04-VI1-obe.outbound.protection.outlook.com ([104.47.14.56]) by iqsuite.endress.com over TLS secured channel with Microsoft SMTPSVC(8.5.9600.16384); Fri, 19 Jul 2019 11:45:04 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iFn5cO38eg5C47ORXz/3lKzeVV1ZnVan5gKZ6968YM6zA4JUHIaCKOWohiwISYKl+44kBNwNItYyjOFtpqqSalK7tpaKet6j4Ad+5V+xMhAFzHO5yrD6RofEMing7sM//A48xDBi2KvvisfrHkMRzArwSXXJZI3Ix71BuSF1m8O9aXVQf/KPABm6gOxv0eoZR6DySelCGAmftaV0a6e2WRYsA5iLUh5i7XWJVs+GFsR2gfeFLgQZDjBjC91fsUAumsR5Qhfzcn0JqN8/q6cuPhi4lm26MhTqlCJeo26dACwf+YFOgXAwhb4+c+0ZyrG4viiqcpi0xLQ0XcxIU9dmrw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fIsZokusXbLuwKSrGSvRNgpR+zRB7IxaGOopSaDDfh8=; b=XuLfGj0c+1QBq5pi9O5Vb8KkSFYY6EflrtH/mvxMpJ/ImAWJ5BzvRf3Fi0IoX+eOGlIwQbiKMqx+Dc2dNP1AELb+jG52SrCBJOqhSsD9zMGDHjymE6+aUZUjNN/XL3me0fTj/4CbLQ5iqLVaMXmlZDEgDwAtpZqYjF9iu+rBC6dQ3JnXWAJYPYgbEQe1WZ9hLVrYObGUyuV2fPwmV2wbA318c7x2tzSSQImeiQHVLcF2bHNiJveLGE0pgENH/xp7ev7n8xEDxZj3BNeGIWLGsb+BcwGKNG49DJqYuX3KaLGLPFJqDl2huTaiwB3aQEPJnEPFQeMFO97Yf/RdBgxQZQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=endress.com;dmarc=pass action=none header.from=endress.com;dkim=pass header.d=endress.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fIsZokusXbLuwKSrGSvRNgpR+zRB7IxaGOopSaDDfh8=; b=oLLwAqI1gHJizmXJB9CDKfM1L6SqCWtE9VlE7ubl8QPG6jIVylTd7f2HXIoUjWtJJGtzXUbYDH0Z5gbZqx0ArSnmMkcObleiyEsWHQu9V/q+TqZfvg5SePBnz1ucQcH/r5nen4vJhy/+UJ++VSah1nRKcCxSbTT1EoeG458gBLc=
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com (10.169.135.11) by VI1PR0501MB2768.eurprd05.prod.outlook.com (10.172.81.140) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2073.14; Fri, 19 Jul 2019 09:45:03 +0000
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::d802:c0a5:12ac:dc2d]) by VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::d802:c0a5:12ac:dc2d%6]) with mapi id 15.20.2073.012; Fri, 19 Jul 2019 09:45:03 +0000
From: =?utf-8?B?QmrDtnJuIEhhYXNl?= <bjoern.haase@endress.com>
To: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>, CFRG <cfrg@irtf.org>
Thread-Topic: [Cfrg] PAKE selection process: Maybe we need a modular approach for integrating authentication of human individuals with TLS?
Thread-Index: AdU+FdEY7bQUSXEZQf6qgCUw0t3LJgAAIekw
Date: Fri, 19 Jul 2019 09:45:03 +0000
Message-ID: <VI1PR0501MB22552132C0FE682841A9CAFB83CB0@VI1PR0501MB2255.eurprd05.prod.outlook.com>
References: <VI1PR0501MB2255752B38545BA82261F20383CB0@VI1PR0501MB2255.eurprd05.prod.outlook.com>
In-Reply-To: <VI1PR0501MB2255752B38545BA82261F20383CB0@VI1PR0501MB2255.eurprd05.prod.outlook.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Enabled=True; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SiteId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Owner=bjoern.haase@endress.com; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SetDate=2019-07-19T09:41:43.5466058Z; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Name=Not Protected; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Application=Microsoft Azure Information Protection; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_ActionId=5f2fbfce-4f31-49f1-a46d-f35de5a3866f; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Extended_MSFT_Method=Automatic
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=bjoern.haase@endress.com;
x-originating-ip: [93.240.145.106]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: b192a97a-605c-450f-389f-08d70c2dc862
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:VI1PR0501MB2768;
X-MS-TrafficTypeDiagnostic: VI1PR0501MB2768:|AM7PR05MB6823:
X-Microsoft-Antispam-PRVS: <AM7PR05MB6823D05A0E99F77DBF98646183CB0@AM7PR05MB6823.eurprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000;
x-forefront-prvs: 01039C93E4
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(346002)(376002)(366004)(136003)(39860400002)(396003)(51444003)(189003)(199004)(25786009)(26005)(186003)(53936002)(2906002)(76116006)(81166006)(102836004)(790700001)(81156014)(7736002)(66556008)(966005)(66446008)(33656002)(6506007)(85202003)(7696005)(8676002)(6116002)(76176011)(55016002)(3846002)(8936002)(74316002)(54896002)(476003)(11346002)(9686003)(19627235002)(6436002)(486006)(554214002)(68736007)(85182001)(66574012)(256004)(14444005)(478600001)(14454004)(2940100002)(64756008)(66066001)(71200400001)(5660300002)(446003)(66476007)(71190400001)(52536014)(110136005)(316002)(6306002)(86362001)(66946007)(99286004)(23603002); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0501MB2768; H:VI1PR0501MB2255.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: endress.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: AAynAR1D4zKeangQ+xj+F8+OYAUfJnja2yr9KcnGU13L229o8ylA0F26YrwmI6u5bqxC0HxejNLqTNoNLKBTWzDhs0XGqVUstJDx8m2Cos/EUT1J1mJeLr0iWahZclLjnxAgpdpdToZOKm4fVtIH5TEub3dEpp9Z1yrIcqB82/C16D8+G5982O/1k6eh/v2XZ3V7HYHJpVjkOSBq61SxzRZim55dLl0gydG78lgS82yFwam6TDpS6haXeARIQclyTxnkvo2YcCHjvbR+oAPA/jcUoR1Bmow6/DHv4JaeQaxztVZBEOcpi5VMOBCseWfwP1Z3taqYv+FRa2LYKcl/tEc7snZ5C6/82BHpCVF4cDHf9kTQ+aCyLjqwUqd/jdSYq7gx3F+QyJTmaVzo8PcscmCpc52Rb7z8CYpdKy0+Pmg=
Content-Type: multipart/alternative; boundary="_000_VI1PR0501MB22552132C0FE682841A9CAFB83CB0VI1PR0501MB2255_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0501MB2768
X-OriginalArrivalTime: 19 Jul 2019 09:45:04.0247 (UTC) FILETIME=[A4358070:01D53E16]
X-Trailer: 1
X-GBS-PROC: h6Y5KL0imaaBeOlh9oQP94n+vVJ3+rSeKPLucmsWLnI=
X-GRP-TAN: IQWE01@BE68F87B21BB4F0ABC44C3E348465955
X-iqsuite-process: processed
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT059.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:40.68.44.165; IPV:CAL; SCL:-1; CTRY:NL; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(346002)(396003)(39860400002)(376002)(136003)(2980300002)(26234003)(51444003)(189003)(199004)(486006)(19627235002)(61614004)(14444005)(33656002)(25786009)(85182001)(53936002)(68736007)(236005)(55016002)(54896002)(6306002)(3846002)(790700001)(6116002)(7696005)(606006)(9686003)(2940100002)(14454004)(336012)(33964004)(76176011)(102836004)(85202003)(6506007)(15974865002)(186003)(69596002)(11346002)(446003)(2906002)(26005)(86362001)(126002)(476003)(66574012)(52536014)(81156014)(81166006)(70206006)(8936002)(76130400001)(106002)(110136005)(8676002)(99286004)(74316002)(5660300002)(316002)(7736002)(16586007)(356004)(26826003)(66066001)(966005)(554214002)(71190400001)(478600001)(70586007)(23603002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM7PR05MB6823; H:iqsuite.endress.com; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; MX:1; A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 99bcd212-0543-4fb9-d088-08d70c2dc672
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(710020)(711020)(4605104)(4709080)(1401327)(2017052603328)(7193020); SRVR:AM7PR05MB6823;
X-MS-Exchange-PUrlCount: 4
X-Forefront-PRVS: 01039C93E4
X-Microsoft-Antispam-Message-Info: QlL36qPlqORa/2+c0itsgKepeXgzfgNifmuvZkzBFKM733Mitl7VtttfVCaCZBIa1/L/fhG97VCdbGLuW7vG7DShLLb2IMQ1sh3T0v9Aep8L1moU2NKvz9uCXcMehCj6DHiD1PrTmp3E8cLmj3oKzZ6dpPOrmbn5mVVWeATv32RLbOWoqjz91Lulx4yF2phkzo9MibCOjVhOWxxVK+Nrc7YtP7ydJ4HBHamtxteRwArykOoSmSsN0w1hSzH6uU9HH4UVRIE6nUYR6h54SMyUxH973WCBJYsasSqIDj8ijYKhDi8WSUUUGIdX8hwhtwlyiBnljUmddoT5v0lPuR7gdEXrI/GiZ2I9bUaqayauqeF/XfbQmfgC2WriYsQTmiw8lAjkEAnRBd7ErjS87q9hRq8zQKTO2mRYldXODh4mWRI=
X-OriginatorOrg: endress.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Jul 2019 09:45:06.6703 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: b192a97a-605c-450f-389f-08d70c2dc862
X-MS-Exchange-CrossTenant-Id: 52daf2a9-3b73-4da4-ac6a-3f81adc92b7e
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; Ip=[40.68.44.165]; Helo=[iqsuite.endress.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM7PR05MB6823
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/72HcDtwa7lhAC4Hn0EPDy2vQe5k>
Subject: [Cfrg] PAKE selection process: Maybe we need a modular approach for integrating authentication of human individuals with TLS?
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jul 2019 09:45:15 -0000

Hello to all,

I am writing this mail in order to prepare the future steps regarding PAKE on and after the Montreal Conference.

My personal perception is that among the set of current nominations no protocol was proposed that is obviously inadequate. (I personally am somewhat sceptic regarding the proof situations for “SPAKE2+EE/BSPAKE” and “SPEKE”, but even for these two I don’t see  obvious flaws if integrated properly.) My expectation is that regarding the security-topics, we might reach consensus in the CFRG community quite easily, once we have established a common understanding of the design priorities regarding patents, round efficiency, computational efficiency and security-guarantees.

I believe that the main objections regarding PAKE will come from elsewhere: The people that would have to integrate it into larger systems like TLS, browsers, OS or password database management modules (such as PAM).

I see the urgent need to standardize a sound PAKE for human user authentication and I think that for this purpose we will need to consider the concerns and needs of the “system integration” people very seriously. Otherwise, we might not be successful with the project of improving security and usability.

When trying to “wear the hat” of these people, I came to the conclusion that we might need some kind of a modular system integration approach. I have spend quite some time and discussions on this topic. I would appreciate your feedback regarding the problem analysis and solution approach that I tried to summarize in the slides available at https://github.com/BjoernMHaase/fe25519/blob/master/Concept_For_Modularized_PAKE_integration_into_TLS.pdf .

Maybe somebody might also spread this link to the TLS working group people or discuss the topic of TLS integration of PAKE at the upcoming conference in Montreal. (There seems to be an issue with my mail accounts being blocked from posting to the TLS mailing list ☹).

I am looking forward to entering a discussion with you.

Yours,

Björn.


Mit freundlichen Grüßen I Best Regards 

Dr. Björn Haase 

Senior Expert Electronics | TGREH Electronics Hardware
Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | Germany
Phone: +49 7156 209 377 | Fax: +49 7156 209 221
bjoern.haase@endress.com |  www.conducta.endress.com 



Endress+Hauser Conducta GmbH+Co.KG
Amtsgericht Stuttgart HRA 201908
Sitz der Gesellschaft: Gerlingen
Persönlich haftende Gesellschafterin:
Endress+Hauser Conducta Verwaltungsgesellschaft mbH
Sitz der Gesellschaft: Gerlingen
Amtsgericht Stuttgart HRA 201929
Geschäftsführer: Dr. Manfred Jagiella

 
Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren, wenn wir personenbezogene Daten von Ihnen erheben.
Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis (https://www.endress.com/de/cookies-endress+hauser-website) nach.

 

Disclaimer: 

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. This e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer unless explicitly and conspicuously designated or stated as such.