Re: [Cfrg] Dragonfly has advantages -> was Re: Requesting removal of CFRG co-chair
Trevor Perrin <trevp@trevp.net> Sat, 04 January 2014 16:47 UTC
Return-Path: <trevp@trevp.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D89B71AE03B for <cfrg@ietfa.amsl.com>; Sat, 4 Jan 2014 08:47:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.978
X-Spam-Level:
X-Spam-Status: No, score=-3.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, GB_I_LETTER=-2, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RqolIwMP9L_Y for <cfrg@ietfa.amsl.com>; Sat, 4 Jan 2014 08:47:47 -0800 (PST)
Received: from mail-wi0-f172.google.com (mail-wi0-f172.google.com [209.85.212.172]) by ietfa.amsl.com (Postfix) with ESMTP id 901281ADED6 for <cfrg@irtf.org>; Sat, 4 Jan 2014 08:47:47 -0800 (PST)
Received: by mail-wi0-f172.google.com with SMTP id en1so1450973wid.17 for <cfrg@irtf.org>; Sat, 04 Jan 2014 08:47:39 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=Z1XMhz+R1b6+EfSVfejrSbC46f5kGZLnKgZUhUmJqh0=; b=OwwvOXXyXqYr+i/awmwn2equ3FP5+mdxOstO6/DlViOnWjaS0U0tSgLtyttgtj99QI auXo3aZRnqSr6JFkQR7JFGeKKtUf+QovZNXG8QazxrqCKZ6zpW6x0Xy90DuxWDf4DOxT rTIsYi6kzM+yGHcb5erosLkXYE329WOflBDndKgcPkATf4oIBhAcxHVq35qQ/n3qrAnQ F6Ztk1jpTvomj+JJiacCJC8d3DoqvlpnoSnTClA1Ko4+k1zNiYHt4P4JhsXrGciEkj+a 1CDln34A3Cui5ES8Z+WbqlUjktwdc8EWWTlJGckHc3CR1Kj6I5jiiTf3EBKFDx6kElSo HhUw==
X-Gm-Message-State: ALoCoQntxOqbEwnfOyd2qOcuqCRaKs9efTlk3eqzviqEO1oO5NBOC+CYQ1VjgkLgSiacisvmaceB
MIME-Version: 1.0
X-Received: by 10.180.109.107 with SMTP id hr11mr6068201wib.56.1388854059354; Sat, 04 Jan 2014 08:47:39 -0800 (PST)
Received: by 10.216.214.134 with HTTP; Sat, 4 Jan 2014 08:47:39 -0800 (PST)
X-Originating-IP: [199.83.223.81]
In-Reply-To: <CEED247E.2B845%paul@marvell.com>
References: <CEED247E.2B845%paul@marvell.com>
Date: Sat, 04 Jan 2014 08:47:39 -0800
Message-ID: <CAGZ8ZG1FinAf3bNfprF69aHfMNFjLaN8KS=yBJNJ8HQENLYXvQ@mail.gmail.com>
From: Trevor Perrin <trevp@trevp.net>
To: Paul Lambert <paul@marvell.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Cc: David McGrew <mcgrew@cisco.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Dragonfly has advantages -> was Re: Requesting removal of CFRG co-chair
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Jan 2014 16:47:50 -0000
On Sat, Jan 4, 2014 at 2:52 AM, Paul Lambert <paul@marvell.com> wrote: > > > On 1/3/14, 6:43 PM, "Trevor Perrin" <trevp@trevp.net> wrote: > > Trevor, > >> >>But there's a bigger picture: Regardless of timing attacks, Dragonfly >>is inferior to alternatives already standardized > >> > No. The Dragonfly proposal was submitted by Dan as an IPR free > contribution. > This has considerable value and makes it implementable in consumer > products. > > It is also closely related to other work adopted in commercial sytems and > should be pursued as an RFC to ensure it¹s continued vetting. > > The discussion has resulted in mitigating risks. To date I have not seen > any indication that the protocol is Œbroken¹. > > I agree that it has more complexity and message exchanges that other > approaches. These other protocols have NOT been viable to ship in the > products I build. Hi Paul, SPAKE2 has no current patents I'm aware of. SRP has royalty-free licensing. Both have been deployed in commercial products. Why aren't they viable for you? http://www.di.ens.fr/~abdalla/papers/AbPo05a-letter.pdf http://tools.ietf.org/search/rfc5054 (Of course, there are other promising alternatives - e.g. AugPAKE, J-PAKE, or an Elligator-based PAKE). Trevor
- Re: [Cfrg] Suggestion for open competition on PAK… Paul Hoffman
- [Cfrg] Dragonfly has advantages -> was Re: Reques… Paul Lambert
- [Cfrg] Suggestion for open competition on PAKE ->… Feng Hao
- Re: [Cfrg] Dragonfly has advantages -> was Re: Re… Feng Hao
- Re: [Cfrg] Suggestion for open competition on PAK… David McGrew
- Re: [Cfrg] Dragonfly has advantages -> was Re: Re… Trevor Perrin
- Re: [Cfrg] Suggestion for open competition on PAK… Trevor Perrin
- Re: [Cfrg] Suggestion for open competition on PAK… Feng Hao
- Re: [Cfrg] Suggestion for open competition on PAK… Feng Hao
- Re: [Cfrg] Suggestion for open competition on PAK… David Jacobson
- Re: [Cfrg] Suggestion for open competition on PAK… Watson Ladd
- Re: [Cfrg] Suggestion for open competition on PAK… Samuel Neves
- Re: [Cfrg] Suggestion for open competition on PAK… Dan Harkins
- Re: [Cfrg] Dragonfly has advantages Paul Lambert
- Re: [Cfrg] Dragonfly has advantages Feng Hao
- Re: [Cfrg] Dragonfly has advantages Paul Lambert
- Re: [Cfrg] Dragonfly has advantages Feng Hao