[Cfrg] Nomination of SPAKE2
Watson Ladd <watsonbladd@gmail.com> Mon, 27 May 2019 15:51 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 23CC01200C4 for <cfrg@ietfa.amsl.com>; Mon, 27 May 2019 08:51:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0zbghdINye7f for <cfrg@ietfa.amsl.com>; Mon, 27 May 2019 08:51:22 -0700 (PDT)
Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5928E120089 for <cfrg@irtf.org>; Mon, 27 May 2019 08:51:22 -0700 (PDT)
Received: by mail-lf1-x129.google.com with SMTP id l26so12395526lfh.13 for <cfrg@irtf.org>; Mon, 27 May 2019 08:51:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=WtkO7dRfe6s4ZGRqbp5AT2C6eiFA+EYEJegTjlIm0rw=; b=U5MpUOyZ6bwru/R8qeJOyzQHEDGj2uJibcGO+cYSPuscrARDTDBs+2hrCZ2JJEdWuW ggpbs3V9LUpMMTlJgIZYXUOPYI1M8nYp4FyLBk0OiVBQKa5B4k6UJVvU+FjqbxewW9a6 nLhSi6c5j6xm5tyGjo164vk8aooAIKOwsCvC2L5K1qJgilbibcF5e2JcKaAAZEDs5cgh VTHbCWvs0/CVE5fgy6BFRpVhCN7fjK0EKKErR2IdfOGtGUO9JPSaP8ZagghaVzz7+98J pbyh1ZYq44hAHjLsgpwLRf2zGBDWVw3D2xfU/9KVoxNIVgNaGg6GTVcwdzIb6Fxs056g 8Glg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=WtkO7dRfe6s4ZGRqbp5AT2C6eiFA+EYEJegTjlIm0rw=; b=rlFJlHx2udbfQcvGimy95pvj6LGgwm5vfA8oaES2QsXKCMo9c9dkQHePzdX1wmf08F 8qiLKvoQk5xkknDFXjiFBypQ9ZoFeBLqlOUHXSdhBP6a6heeT20COaG2TIGQuIk+/bOV olHcV7odgIkIpopzosDN1EBIfbT0qF0Itcorqn6xb2Db1WY3stSz3K91PwvX6HjntM5f blNkevdqVDDKeLHpwFS+uioT2K34QcNT6HpxL21UBgR6JntVR4m4//CYdrJmojvgAZKQ Vl2xgIYSM0pctnl5lcXuQEQA/TRQ4g+6Ne83h3nuIf1nwI7Eup7yYJ8TOUScGOyZFCmh y0zg==
X-Gm-Message-State: APjAAAX6jORG+eyjpgZUTnW/NMn99UVMZ8nHQt2bow4asdRykARJjLt8 EXKty2vzrtqnDX5SjUIBNCoN3S3ue88PHmqgcLwJn5hf
X-Google-Smtp-Source: APXvYqyPSAwdCGcN9gDmiKIDSAqr43/8v5jtFAGOCyQrYuQeIQ7KnxYVo387q7RgG8NHnsvhQPXDdsq6DkbTnT2YZfo=
X-Received: by 2002:ac2:51ab:: with SMTP id f11mr2997950lfk.55.1558972280116; Mon, 27 May 2019 08:51:20 -0700 (PDT)
MIME-Version: 1.0
From: Watson Ladd <watsonbladd@gmail.com>
Date: Mon, 27 May 2019 08:51:09 -0700
Message-ID: <CACsn0ckHoa1Xs5WtVwhWQ0PoNdazp2A=Yd7-wEHx-2mZRksNQA@mail.gmail.com>
To: CFRG <cfrg@irtf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Awvalqa_n8U-T1Jz_kxM-h3xgvM>
Subject: [Cfrg] Nomination of SPAKE2
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 May 2019 15:51:24 -0000
Dear all, Ben and I would like to nominate SPAKE2 for consideration in the PAKE contest. We are entering only the balanced variant as OPAQUE is far superior to the augmented version. So far the changes between various versions of the draft have all been about groups with nonprime orders, and we think we finally have the right thing figured out/ could use Risotto. While the security proofs published use prime order, adapting to working on the quotient is straightforward. Sincerely, Watson Ladd
- [Cfrg] Nomination of SPAKE2 Watson Ladd