[CFRG] draft-irtf-cfrg-opaque-10

"Campagna, Matthew" <campagna@amazon.com> Tue, 30 May 2023 17:39 UTC

From: "Campagna, Matthew" <campagna@amazon.com>
To: "cfrg@ietf.org" <cfrg@ietf.org>
CC: "draft-irtf-cfrg-opaque@ietf.org" <draft-irtf-cfrg-opaque@ietf.org>
Date: Tue, 30 May 2023 17:39:11 +0000
Message-ID: <15B7EBBE-2E4D-4785-8CF4-5ABE2B432D6F@amazon.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/7xBO1Yb8uYvb6-jPl7IKHbTqO8Q>

With regard to the changes between versions 09 and 10, and the change from scrypt to argon2id for the recommended configurations: this was discussed here https://github.com/cfrg/draft-irtf-cfrg-opaque/issues/376, and I am sorry I missed this discussion. There are good reasons to consider argon2id as a recommended configuration.
While OPAQUE is not a FIPS specification, the previous recommended configuration
P256-SHA256, HKDF-SHA-256, HMAC-SHA-256, SHA-256, scrypt(32768,8,1), P-256
can be written to run atop a FIPS-certified module, and reduces the algorithms needed to support the configuration.
I think that by having a recommendation that includes such a configuration, there will be better interoperability support for it. It will be more likely that versions of OPAQUE will be implemented using cryptographic libraries that have undergone certification (and should hypothetically be of higher assurance), or that meet the requirements of institutions that require that FIPS-certified crypto modules be used for their applications.
From such an institution's perspective, I would be equally happy to have a recommended scheme of
P384-SHA384, HKDF-SHA-384, HMAC-SHA-384, SHA-384, scrypt(32768,8,1), P-384
This scheme would meet CNSA 1.0 security levels and could be implemented using a FIPS-certified library.

We would be happy to support such a change by providing test vectors for interoperability.

Sincerely,
Matt Campagna
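As an added illustration (not code from the message or from the OPAQUE draft), the following shows the key-stretching step of the configurations proposed above, scrypt(32768,8,1) followed by HKDF-Extract, for both the SHA-256 and the SHA-384 suite, using only Python's standard library. The sample OPRF output is constructed; the hkdf_extract and randomized_password helper names are this example's own.

```python
"""Key-stretching step of an OPAQUE configuration using scrypt(32768,8,1)
as the KSF with HKDF-SHA-256 or HKDF-SHA-384 (added example, not draft code).
"""
import hashlib
import hmac

# scrypt parameters from the suites named in the message: (N, r, p).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 32768, 8, 1

# scrypt needs roughly 128 * r * N bytes of memory: 32 MiB for these
# parameters, which exceeds hashlib.scrypt's default limit, so raise it.
SCRYPT_MAXMEM = 64 * 1024 * 1024

# Constructed sample OPRF output (32 bytes); a real one comes from the
# OPRF Finalize step and is never a plain hash of the password.
SAMPLE_OPRF_OUTPUT = hashlib.sha256(b"constructed sample oprf output").digest()


def stretch(oprf_output: bytes, hash_name: str = "sha256") -> bytes:
    """KSF step: scrypt over the OPRF output with an empty salt, producing
    Nh bytes (the digest size of the suite's hash)."""
    nh = hashlib.new(hash_name).digest_size
    return hashlib.scrypt(oprf_output, salt=b"", n=SCRYPT_N, r=SCRYPT_R,
                          p=SCRYPT_P, dklen=nh, maxmem=SCRYPT_MAXMEM)


def hkdf_extract(salt: bytes, ikm: bytes, hash_name: str = "sha256") -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM).
    An empty salt is equivalent to HashLen zero bytes under HMAC padding."""
    return hmac.new(salt, ikm, getattr(hashlib, hash_name)).digest()


def randomized_password(oprf_output: bytes, hash_name: str = "sha256") -> bytes:
    """Randomized password as described in the OPAQUE draft:
    Extract("", concat(oprf_output, Stretch(oprf_output)))."""
    stretched = stretch(oprf_output, hash_name)
    return hkdf_extract(b"", oprf_output + stretched, hash_name)


if __name__ == "__main__":
    for h in ("sha256", "sha384"):
        print(h, randomized_password(SAMPLE_OPRF_OUTPUT, h).hex())
```

Swapping the KSF for argon2id, as draft-10 does, changes only stretch(); the Extract step and the surrounding protocol are unchanged.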