[CFRG] Re: RGLC on draft-irtf-cfrg-opaque-13

"Campagna, Matthew" <campagna@amazon.com> Fri, 24 May 2024 20:26 UTC

Return-Path: <prvs=8671f9661=campagna@amazon.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A34D7C14F60D; Fri, 24 May 2024 13:26:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.092
X-Spam-Level:
X-Spam-Status: No, score=-7.092 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazon.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JTvp0Me2RY-W; Fri, 24 May 2024 13:26:29 -0700 (PDT)
Received: from smtp-fw-52005.amazon.com (smtp-fw-52005.amazon.com [52.119.213.156]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 818C6C14F5E9; Fri, 24 May 2024 13:26:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1716582390; x=1748118390; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=yZS8N+DXvVI1x19O/pD8EwQYx7Ya72R6ZRG9tP1c0vI=; b=Com1sjIea1n94wdWFofAbtDO09bMd9DI17IbJlOG1ZzW+jrE0hFMrYzM h91DpLlTWm2xCmfPQWYxyxCqvIM9pKDaaBiWfJTol8aylToE+kOADTmgT lVshyhlHeHepklveNhHsDmuQZygB2ySX6XlAHLYtYfhe4QsP5qJGR7xZW 0=;
X-IronPort-AV: E=Sophos;i="6.08,186,1712620800"; d="scan'208,217";a="656404967"
Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-52005.iad7.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 May 2024 20:26:29 +0000
Received: from EX19MTAUWB002.ant.amazon.com [10.0.38.20:40386] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.41.83:2525] with esmtp (Farcaster) id c56a2c38-ec8b-42af-9403-b6b3c828a2c8; Fri, 24 May 2024 20:26:28 +0000 (UTC)
X-Farcaster-Flow-ID: c56a2c38-ec8b-42af-9403-b6b3c828a2c8
Received: from EX19D012UWC003.ant.amazon.com (10.13.138.175) by EX19MTAUWB002.ant.amazon.com (10.250.64.231) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Fri, 24 May 2024 20:26:27 +0000
Received: from EX19D012UWC002.ant.amazon.com (10.13.138.165) by EX19D012UWC003.ant.amazon.com (10.13.138.175) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Fri, 24 May 2024 20:26:27 +0000
Received: from EX19D012UWC002.ant.amazon.com ([fe80::afb2:a509:3c85:23c6]) by EX19D012UWC002.ant.amazon.com ([fe80::afb2:a509:3c85:23c6%5]) with mapi id 15.02.1258.028; Fri, 24 May 2024 20:26:27 +0000
From: "Campagna, Matthew" <campagna@amazon.com>
To: "cfrg-chairs@ietf.org" <cfrg-chairs@ietf.org>
Thread-Topic: [CFRG] RGLC on draft-irtf-cfrg-opaque-13
Thread-Index: AQHarfxlF8vqdRChe0KiHqpe7VccyrGmzSU1//+S1gA=
Date: Fri, 24 May 2024 20:26:27 +0000
Message-ID: <3C55CCB1-40CD-49D1-825E-5B2EE779A7CA@amazon.com>
References: <26BD4048-76E5-4348-9BEA-55D4EB454B12@amazon.com> <87d5d1a7ea2e4a44a9140612fe6f208c@amazon.com>
In-Reply-To: <87d5d1a7ea2e4a44a9140612fe6f208c@amazon.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.84.24042814
x-originating-ip: [10.252.141.11]
Content-Type: multipart/alternative; boundary="_000_3C55CCB140CD49D1825E5B2EE779A7CAamazoncom_"
MIME-Version: 1.0
Message-ID-Hash: 3XLSHSOZ33G565VCFQFDANYHWQC3PJTX
X-Message-ID-Hash: 3XLSHSOZ33G565VCFQFDANYHWQC3PJTX
X-MailFrom: prvs=8671f9661=campagna@amazon.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cfrg.irtf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "cfrg@ietf.org" <cfrg@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [CFRG] Re: RGLC on draft-irtf-cfrg-opaque-13
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/BxOGJ57diSm_kZf-rL5Xfh366v4>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Owner: <mailto:cfrg-owner@irtf.org>
List-Post: <mailto:cfrg@irtf.org>
List-Subscribe: <mailto:cfrg-join@irtf.org>
List-Unsubscribe: <mailto:cfrg-leave@irtf.org>

CFRG Chairs,

I think this draft is ready for publication as an RFC.  It raises the security bar on standardized password authentication protocols.

I have followed the development of this draft and the related voprf and hash-to-curve drafts.  I was able to develop an independent reference implementation to produce matching test vectors.

Sincerely,
Matt Campagna
Amazon Web Services

“Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Wed, 10 January 2024 05:34 UTC
Dear CFRG participants,

This message is starting 3 weeks RGLC on draft-irtf-cfrg-opaque-13 ("The
OPAQUE Asymmetric PAKE Protocol") that will end on February 1st 2024. If
you've read the document and think that it is ready (or not ready) for
publication as an RFC, please send a message in reply to this email or
directly to CFRG chairs (cfrg-chairs@ietf.org<mailto:cfrg-chairs@ietf.org>). If you have detailed
comments, these would also be very helpful at this point.

The OPAQUE protocol was selected as a result of the PAKE selection process
in CFRG in 2019; there were a lot of reviews of the protocol and the early
versions of the draft, see https://github.com/cfrg/pake-selection
There were several important questions in those reviews which had to be
addressed during the evolution of the draft in CFRG.

We've got four reviews for the current version of the draft from the Crypto
Review Panel:
- Chloe Martindale (
https://mailarchive.ietf.org/arch/msg/cfrg/kq4JClSaBUqgGjwBLMMRSsfgnxs/)
- Jean-Philippe Aumasson (
https://mailarchive.ietf.org/arch/msg/cfrg/kq4JClSaBUqgGjwBLMMRSsfgnxs/)
- Julia Hesse (
https://mailarchive.ietf.org/arch/msg/cfrg/Bwo7jab6ifEG7a9KiDkXhayFgkk/)
- Scott Fluhrer (
https://mailarchive.ietf.org/arch/msg/cfrg/c3IKNQDDqkUKxSvJXlRXITmsytA/)
The reviewers have confirmed that their concerns have been addressed,

Thank you,
Stanislav, for CFRG chairs