[Cfrg] Fwd: New Version Notification for draft-krawczyk-cfrg-opaque-01.txt

Hugo Krawczyk <hugo@ee.technion.ac.il> Tue, 12 March 2019 04:28 UTC

Return-Path: <hugokraw@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 11925130EBB for <cfrg@ietfa.amsl.com>; Mon, 11 Mar 2019 21:28:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.648
X-Spam-Status: No, score=-1.648 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id dH6xFziOKBZe for <cfrg@ietfa.amsl.com>; Mon, 11 Mar 2019 21:28:38 -0700 (PDT)
Received: from mail-io1-f43.google.com (mail-io1-f43.google.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DD3F6130E6F for <cfrg@ietf.org>; Mon, 11 Mar 2019 21:28:34 -0700 (PDT)
Received: by mail-io1-f43.google.com with SMTP id x4so930188ion.2 for <cfrg@ietf.org>; Mon, 11 Mar 2019 21:28:34 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=JUxc3LkcQbH11zF6AcJPdT6RdLI2Q/NWdz07Km0Y88k=; b=LOm9TddcM+YZYS1tfp+v44hFCFhA0EtrVGAA9T1xsZKR4hmPOwoAe/J0MTplgW5Z34 de+gjNVZ3VlNOK5mvHwv+pDqnyWOvRl81unhBs4r58AocJ+DAOaCThNdQ14Jj9kc0Yqf xGCdFrJzGudK6Qpx5GiiaXpijzbUte3SuS1niVOFV/IuWYY56FDOuV3pqy0mlY6SH9wE W11Wj/fDTGVL8RQLUYBPqi/Fe2QdIl2p2MwKV4/JEihGw+QSQEKOaGO5vcFh5/ieCIG9 DA2e19BdSOxthJtA4w8tfxdDBv2lfhORAOSNDN3+nAgPbvg792ynQQ9YTUMtBZRMz1Go B4kw==
X-Gm-Message-State: APjAAAVTwNoXDK5njNS6VhUevtTQ70uOo0bx1yei58uEafI7qB9RgtOG WGT1YFwH8IKUStPpa9mxTMxbZUihBQtdKvdubVsOoG6v
X-Google-Smtp-Source: APXvYqw12OCFOW7qiwDJGhoh60WuDWxXE3stnRO963F1TjMA8mnt1Sek4jTphGd1cZkNoFM7vl8C+GfibuYd/lik8HM=
X-Received: by 2002:a6b:db19:: with SMTP id t25mr5779837ioc.140.1552364913663; Mon, 11 Mar 2019 21:28:33 -0700 (PDT)
MIME-Version: 1.0
References: <154621437468.6980.7409067040429346614.idtracker@ietfa.amsl.com>
In-Reply-To: <154621437468.6980.7409067040429346614.idtracker@ietfa.amsl.com>
From: Hugo Krawczyk <hugo@ee.technion.ac.il>
Date: Tue, 12 Mar 2019 00:27:55 -0400
Message-ID: <CADi0yUPX1-V9Cpdw5h50GGwbn+qs6W+A1C1BDpJVsAR5aFoAnQ@mail.gmail.com>
To: cfrg@ietf.org
Content-Type: multipart/alternative; boundary="0000000000003da1830583de1fb7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/83J3P-kE8V5sLwJkGl0Ap9tzjcQ>
Subject: [Cfrg] Fwd: New Version Notification for draft-krawczyk-cfrg-opaque-01.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2019 04:28:41 -0000

Dear CFRG and chairs,

Draft draft-krawczyk-opaque-01 introduces the OPAQUE scheme, an asymmetric
(or augmented) password-authenticated key exchange with unique security and
functional features. The draft describes OPAQUE's general design and ways
to integrate it with several KE schemes, including TLS 1.3.  I would like
this work to be considered and discussed as a CFRG WG document.

In parallel, we submitted draft-sullivan-tls-opaque-00 to the TLS WG with a
much more detailed (though initial) specification for integrating OPAQUE
into TLS 1.3.


---------- Forwarded message ---------
From: <internet-drafts@ietf.org>
Date: Sun, Dec 30, 2018 at 7:00 PM
Subject: New Version Notification for draft-krawczyk-cfrg-opaque-01.txt
To: Hugo Krawczyk <hugo@ee.technion.ac.il>

A new version of I-D, draft-krawczyk-cfrg-opaque-01.txt
has been successfully submitted by Hugo Krawczyk and posted to the
IETF repository.

Name:           draft-krawczyk-cfrg-opaque
Revision:       01
Title:          The OPAQUE Asymmetric PAKE Protocol
Document date:  2018-12-28
Group:          Individual Submission
Pages:          20
Status:         https://datatracker.ietf.org/doc/draft-krawczyk-cfrg-opaque/
Htmlized:       https://tools.ietf.org/html/draft-krawczyk-cfrg-opaque-01

   This draft describes the OPAQUE protocol, a secure asymmetric
   password authenticated key exchange (aPAKE) that supports mutual
   authentication in a client-server setting without any reliance on
   PKI.  OPAQUE is the first PKI-free aPAKE to accommodate secret salt
   and therefore it is the first to be secure against pre-computation
   attacks upon server compromise.  In contrast, prior aPAKE protocols
   did not use salt and if they did, the salt was transmitted in the
   clear from server to user allowing for the building of targeted
   pre-computed dictionaries.  OPAQUE security has been proven by
   Jarecki et al.  (Eurocrypt 2018) in a strong and universally
   composable formal model of aPAKE security.  In addition, the protocol
   provides forward secrecy and the ability to hide the password from
   the server even during password registration.

   Strong security, good performance and an array of additional features
   make OPAQUE a natural candidate for practical use and for adoption as
   a standard.  To this end, this draft presents several optimized
   instantiations of OPAQUE and ways of integrating OPAQUE with TLS.

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat