Re: [Cfrg] Cfrg Digest, Vol 90, Issue 2

"Dan Harkins" <dharkins@lounge.org> Tue, 16 October 2012 23:54 UTC

To: Jonathan Katz <jkatz@cs.umd.edu>
Cc: dharkins@arubanetworks.com, cfrg@irtf.org

  Hello,

On Tue, October 16, 2012 9:25 am, Jonathan Katz wrote:
> The draft hints at some sort of security proof, but does not reference
> where one can find such a proof. Is the protocol based on something
> published in the literature?

  There is no security proof. It can be shown secure against passive
attack but I have no proof against active/dictionary attack.

  In fact, you previously pointed out that in the random oracle model
it probably cannot be proven secure. You showed that if one were to
remove the key confirmation step, have the adversary perform an
active attack against the "commit" exchange and then have the
adversary perform the Reveal query to each side that it would be
possible to do a dictionary attack.

  regards,

  Dan.

> On Mon, Oct 15, 2012 at 3:00 PM, <cfrg-request@irtf.org> wrote:
>
>>
>> Today's Topics:
>>
>>    1. Dragonfly Password Authenticated Key Exchange (Igoe, Kevin M.)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Mon, 15 Oct 2012 17:38:10 +0000
>> From: "Igoe, Kevin M." <kmigoe@nsa.gov>
>> To: "cfrg@irtf.org" <cfrg@irtf.org>
>> Subject: [Cfrg] Dragonfly Password Authenticated Key Exchange
>> Message-ID: <3C4AAD4B5304AB44A6BA85173B4675CA25587173@MSMR-GH1-UEA03.corp.nsa.gov>
>> Content-Type: text/plain; charset="us-ascii"
>>
>> I would like to call the list's attention to draft-irtf-cfrg-dragonfly-00,
>> recently written by Dan Harkins at the request of the CFRG chairs.  Please
>> look it over.
>>
>> P.S.  We'd welcome suggestions for other algorithms CFRG should take under
>> its wings.  Our goal is to have a single site people can go to and find
>> cryptographic primitives either currently being used in the IETF or deemed
>> suitable for IETF usage.
>>
>> The ongoing effort to collect the IETF symmetric key algorithms into a
>> single RFC is a core part of this effort, but only covers primitives
>> currently in use, not primitives that the list feels might have a role to
>> play in future IETF standards.
>>
>>
>> ----------------+--------------------------------------------------
>> Kevin M. Igoe   | "We can't solve problems by using the same kind
>> kmigoe@nsa.gov  | of thinking we used when we created them."
>>                 |              - Albert Einstein -
>> ----------------+--------------------------------------------------
>>