Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG document

Yoav Nir <> Mon, 15 December 2014 11:16 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 1CB751A1B0D for <>; Mon, 15 Dec 2014 03:16:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6gdSeSAwQGQT for <>; Mon, 15 Dec 2014 03:16:27 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c05::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id AFFBB1A1B0B for <>; Mon, 15 Dec 2014 03:16:26 -0800 (PST)
Received: by with SMTP id bs8so8476447wib.10 for <>; Mon, 15 Dec 2014 03:16:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=j/R2ywGy1rCvgnsB9cRxpWOP9XyCbKIVztngHmZu4wo=; b=ChpTGJ1i11DV3ciKItT/SNJrjxhv5ps0AZC+4WmaEaqyc4leIw4Q5EgDqQ2ozluBBG +LmWTX1KImNMPmDGNpNwfLBhRro9KAR+EkiGjPqfABEVGiTNgcNqU8VYdSgnHBsZPddv M8dIgz2NYWMYw6KDlhTek5nPZRr4iMw8OkqeZzd5fbf1MUsOAk3VN2orHtFXBlqVRxVN zjVQzLdokPTB90XWIKXPp6Ri5eeehltdf4I4Mek2CMYOeeoYqHDxsZgUv3HQCdF3DM+K lFXnCaeHeJy3N2UtaETj+hTn038Gck68lRwWPH/Vhrqk2ys3C6F7W3KntYScLWr6WDAI Bsvg==
X-Received: by with SMTP id he6mr30877033wib.44.1418642185459; Mon, 15 Dec 2014 03:16:25 -0800 (PST)
Received: from [] ( []) by with ESMTPSA id wa5sm12648184wjc.8.2014. for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 15 Dec 2014 03:16:24 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_20693C49-9C6A-4E66-A725-EC6260BC9EEF"
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
From: Yoav Nir <>
In-Reply-To: <>
Date: Mon, 15 Dec 2014 13:16:22 +0200
Message-Id: <>
References: <>
To: Alexey Melnikov <>
X-Mailer: Apple Mail (2.1993)
Cc: "" <>
Subject: Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG document
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 15 Dec 2014 11:16:29 -0000

> On Dec 14, 2014, at 6:41 PM, Alexey Melnikov <> wrote:
> Hi,
> This message starts 3 weeks adoption call for draft-ladd-spake2. Please reply to this message or directly to CFRG chairs, stating one of the following
> 1) that you are happy to adopt the draft as a starting point
> 2) that you are not happy to adopt this draft
> or
> 3) that you think the document needs more work before the RG should consider adopting it
> While detailed document reviews are generally welcome, this not a call to provide detailed comments on the document.

Definitely not (3), as I think the document is in fine enough a shape to be adopted, despite it needing a lot of work.

But I would really like to know who needs a PAKE right now. PAKEs require the server to store the cleartext password or a password equivalent, creating a security issue that is potentially worse than sending cleartext passwords through authenticated channels (as in form-based or basic authentication to a TLS-protected server)

So, yes, there’s a framework for PAKEs in IKE, and one can be created for TLS, and an EAP method with a PAKE could also be used in a number of places, but all those things get little use. So without comparing the merits of SPAKE2 to the previous PAKE that got discussed in this working group, who is the “customer” for any PAKE?