Re: [Cfrg] Adoption call for draft-harkins-pkex-05

Richard Barnes <rlb@ipv.sx> Thu, 12 April 2018 13:48 UTC

From: Richard Barnes <rlb@ipv.sx>
Date: Thu, 12 Apr 2018 09:48:06 -0400
Message-ID: <CAL02cgT1Vemzu5xX5veMvWe=zCh=27HhxWDru3mB8MG+-mQjQg@mail.gmail.com>
To: "Blumenthal, Uri - 0553 - MITLL" <uri@ll.mit.edu>
Cc: Dan Harkins <dharkins@lounge.org>, CFRG <cfrg@irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/7vi_A0QVFR571ElDhNCoYimtf38>
Subject: Re: [Cfrg] Adoption call for draft-harkins-pkex-05

On Thu, Apr 12, 2018 at 9:34 AM, Blumenthal, Uri - 0553 - MITLL <uri@ll.mit.edu> wrote:

> On Apr 12, 2018, at 09:21, Richard Barnes <rlb@ipv.sx> wrote:
>
>>
>>   I'm not sure where the mashup is. You have basically described PKEX. It does
>> SPAKE2 and then it sends identities and a proof of possession protected by the
>> PAKE shared secret.
>>
>
> What I mean is that in addition to just using the PAKE, you're also
> changing its internals:
>
> - Instead of using the password as input, PKEX hashes in the identities
>
>
> I’d rather type a 20-character password than a 256-character hash, thank you!
>
> I prefer keeping PKEX as it is now.
>

None of the alternatives being discussed here would entail a user interface
change.

Also, to be precise, a SHA-256 hash is only 64 characters, if you do it in
hex ;)

--Richard