Re: [Cfrg] Dragonfly has advantages -> was Re: Requesting removal of CFRG co-chair

Trevor Perrin <trevp@trevp.net> Sat, 04 January 2014 16:47 UTC

Return-Path: <trevp@trevp.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D89B71AE03B for <cfrg@ietfa.amsl.com>; Sat, 4 Jan 2014 08:47:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.978
X-Spam-Level:
X-Spam-Status: No, score=-3.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, GB_I_LETTER=-2, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RqolIwMP9L_Y for <cfrg@ietfa.amsl.com>; Sat, 4 Jan 2014 08:47:47 -0800 (PST)
Received: from mail-wi0-f172.google.com (mail-wi0-f172.google.com [209.85.212.172]) by ietfa.amsl.com (Postfix) with ESMTP id 901281ADED6 for <cfrg@irtf.org>; Sat, 4 Jan 2014 08:47:47 -0800 (PST)
Received: by mail-wi0-f172.google.com with SMTP id en1so1450973wid.17 for <cfrg@irtf.org>; Sat, 04 Jan 2014 08:47:39 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=Z1XMhz+R1b6+EfSVfejrSbC46f5kGZLnKgZUhUmJqh0=; b=OwwvOXXyXqYr+i/awmwn2equ3FP5+mdxOstO6/DlViOnWjaS0U0tSgLtyttgtj99QI auXo3aZRnqSr6JFkQR7JFGeKKtUf+QovZNXG8QazxrqCKZ6zpW6x0Xy90DuxWDf4DOxT rTIsYi6kzM+yGHcb5erosLkXYE329WOflBDndKgcPkATf4oIBhAcxHVq35qQ/n3qrAnQ F6Ztk1jpTvomj+JJiacCJC8d3DoqvlpnoSnTClA1Ko4+k1zNiYHt4P4JhsXrGciEkj+a 1CDln34A3Cui5ES8Z+WbqlUjktwdc8EWWTlJGckHc3CR1Kj6I5jiiTf3EBKFDx6kElSo HhUw==
X-Gm-Message-State: ALoCoQntxOqbEwnfOyd2qOcuqCRaKs9efTlk3eqzviqEO1oO5NBOC+CYQ1VjgkLgSiacisvmaceB
MIME-Version: 1.0
X-Received: by 10.180.109.107 with SMTP id hr11mr6068201wib.56.1388854059354; Sat, 04 Jan 2014 08:47:39 -0800 (PST)
Received: by 10.216.214.134 with HTTP; Sat, 4 Jan 2014 08:47:39 -0800 (PST)
X-Originating-IP: [199.83.223.81]
In-Reply-To: <CEED247E.2B845%paul@marvell.com>
References: <CEED247E.2B845%paul@marvell.com>
Date: Sat, 4 Jan 2014 08:47:39 -0800
Message-ID: <CAGZ8ZG1FinAf3bNfprF69aHfMNFjLaN8KS=yBJNJ8HQENLYXvQ@mail.gmail.com>
From: Trevor Perrin <trevp@trevp.net>
To: Paul Lambert <paul@marvell.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Cc: David McGrew <mcgrew@cisco.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Dragonfly has advantages -> was Re: Requesting removal of CFRG co-chair
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Jan 2014 16:47:50 -0000

On Sat, Jan 4, 2014 at 2:52 AM, Paul Lambert <paul@marvell.com> wrote:
>
>
> On 1/3/14, 6:43 PM, "Trevor Perrin" <trevp@trevp.net> wrote:
>
> Trevor,
>
>>
>>But there's a bigger picture:  Regardless of timing attacks, Dragonfly
>>is inferior to alternatives already standardized
>
>>
> No. The Dragonfly proposal was submitted by Dan as an IPR free
> contribution.
> This has considerable value and makes it implementable in consumer
> products.
>
> It is also closely related to other work adopted in commercial sytems and
> should be pursued as an RFC to ensure it¹s continued vetting.
>
> The discussion has resulted in mitigating risks.  To date I have not seen
> any indication that the protocol is Œbroken¹.
>
> I agree that it has more complexity and message exchanges that other
> approaches.  These other protocols have NOT been viable to ship in the
> products I build.

Hi Paul,

SPAKE2 has no current patents I'm aware of.  SRP has royalty-free licensing.

Both have been deployed in commercial products.  Why aren't they viable for you?

  http://www.di.ens.fr/~abdalla/papers/AbPo05a-letter.pdf
  http://tools.ietf.org/search/rfc5054

(Of course, there are other promising alternatives - e.g. AugPAKE,
J-PAKE, or an Elligator-based PAKE).


Trevor