Re: [Cfrg] PAKEs for IoT // Feedback appreciated regarding candidate libraries for the requested reference implementations on constrained targets.

Björn Haase <bjoern.haase@endress.com> Wed, 20 November 2019 08:54 UTC

From: Björn Haase <bjoern.haase@endress.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>, cfrg <cfrg@irtf.org>
Date: Wed, 20 Nov 2019 08:54:41 +0000
Message-ID: <VI1PR0501MB22559F46BED6DDACA80B3DAE834F0@VI1PR0501MB2255.eurprd05.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/ITfBtHNp4nP4R1CjHkxhSpZD33k>

Dear Hannes,

Regarding performance data, there is a detailed section on low-end microcontrollers in ia.cr/2018/286 (https://ia.cr/2018/286).

For code size on other targets, you could add up the code sizes required for X25519 and SHA-512. The additional code for the mapping can almost be neglected, since it shares the same field arithmetic. We are also planning to prepare a stand-alone implementation based on an extension of TweetNaCl with Elligator2, e.g. for interoperability tests, in addition to the optimized ARM v5 / v6 code that is already published.

@CFRG:
Regarding a reference implementation for short-Weierstrass curves on constrained devices, such as P-256, I'd appreciate any recommendation on which library candidate might be most suitable. My personal first approach would have been to use BearSSL for the field arithmetic, or possibly Arm Mbed. However, maybe there is some library into which reference implementation code could be integrated with less effort.

>There is a push from governments not to use passwords on IoT devices
Maybe you could give me a detailed pointer regarding this information? I currently do not have any such information. FYI, in Germany the BSI has explicitly declared interest in the current developments regarding PAKE standardization, specifically when considering the aspect of resilience with respect to quantum computing. This topic will be on the agenda for the upcoming BRAINPOOL meeting in January.

Yours,

Björn.


Mit freundlichen Grüßen | Best Regards

Dr. Björn Haase

Senior Expert Electronics | TGREH Electronics Hardware
Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | Germany
Phone: +49 7156 209 377 | Fax: +49 7156 209 221
bjoern.haase@endress.com | www.conducta.endress.com
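The message above mentions extending TweetNaCl with Elligator2 and observes that the mapping shares the field arithmetic of X25519. The following is an added example, not code from the original post, from the author's libraries or from ia.cr/2018/286, that makes that point concrete: an Elligator2 map onto Curve25519 built from the same field helpers as a plain RFC 7748 Montgomery ladder. The choice of the fixed non-residue u = 2, the little-endian decoding of a 32-byte hash output with the top bit cleared, and all function names are assumptions made here; Python integers are not constant-time, so this is for reading and interoperability testing, not for a device.

```python
# Added example (not from the original post, the author's libraries or the paper):
# Elligator2 map-to-curve for Curve25519 on top of the field arithmetic that an
# X25519 Montgomery ladder already needs. Python ints are NOT constant-time.
import hashlib

P = 2**255 - 19   # field prime of Curve25519
A = 486662        # Curve25519: y^2 = x^3 + A*x^2 + x  (B = 1)
A24 = 121665      # (A - 2) / 4, the constant used by the RFC 7748 ladder
U = 2             # fixed quadratic non-residue (assumed here); 2 is a non-square as P = 5 mod 8


def fe_inv(x):
    """Field inversion via Fermat (x^(p-2) mod p); the same routine the ladder ends with."""
    return pow(x, P - 2, P)


def fe_is_square(x):
    """Legendre-symbol test; 0 is treated as a square (point with y = 0)."""
    x %= P
    return x == 0 or pow(x, (P - 1) // 2, P) == 1


def curve_rhs(x):
    """x^3 + A*x^2 + x, the right-hand side of the Montgomery curve equation."""
    return (x * x * x + A * x * x + x) % P


def on_curve(x):
    """True iff some y exists with y^2 = curve_rhs(x), i.e. x is a valid u-coordinate."""
    return fe_is_square(curve_rhs(x))


def elligator2_map(r):
    """Elligator2: field element r -> x-coordinate on Curve25519.

    v = -A / (1 + U*r^2); return v if it is on the curve, else -v - A.
    The denominator never vanishes: r^2 = -1/U would need -1/U to be a
    square, but -1 is a square mod P (P = 1 mod 4) while U is not.
    Beyond the ladder's mul/add/inversion, the map only adds one Legendre test.
    """
    r %= P
    v = (-A * fe_inv(1 + U * r * r)) % P
    if on_curve(v):
        return v
    return (-v - A) % P


def elligator2_from_bytes(h):
    """Interpret 32 bytes (e.g. a hash output) as a field element and map it (assumed encoding)."""
    r = int.from_bytes(h, "little") & ((1 << 255) - 1)
    return elligator2_map(r)


def _cswap(swap, a, b):
    mask = -swap            # 0 or all-ones; mirrors the arithmetic cswap of RFC 7748
    d = (a ^ b) & mask
    return a ^ d, b ^ d


def x25519_ladder(k, u, bits=255):
    """Raw Montgomery ladder of RFC 7748 (no scalar clamping, no u-coordinate masking)."""
    x1, x2, z2, x3, z3, swap = u % P, 1, 0, u % P, 1, 0
    for t in range(bits - 1, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        x2, x3 = _cswap(swap, x2, x3)
        z2, z3 = _cswap(swap, z2, z3)
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) * (da + cb) % P
        z3 = x1 * ((da - cb) * (da - cb) % P) % P
        x2 = aa * bb % P
        z2 = e * ((aa + A24 * e) % P) % P
    x2, x3 = _cswap(swap, x2, x3)
    z2, z3 = _cswap(swap, z2, z3)
    return x2 * fe_inv(z2) % P


if __name__ == "__main__":
    # Constructed sample input: hash an arbitrary string, map it, then clear the cofactor 8.
    x = elligator2_from_bytes(hashlib.sha512(b"constructed sample input").digest()[:32])
    print("mapped x on curve:", on_curve(x))
    print("8*x on curve:", on_curve(x25519_ladder(8, x)))
```

Running the file maps a constructed SHA-512 output onto the curve and multiplies the result by 8 with the ladder. Everything the map needs that the ladder does not already have is the Legendre-symbol test, which is one further exponentiation in the same field code.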