Re: [Cfrg] Comments on PAKE Selection
"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Fri, 26 July 2019 10:51 UTC
Return-Path: <smyshsv@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CACE12024F for <cfrg@ietfa.amsl.com>; Fri, 26 Jul 2019 03:51:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kVkPHbVzkcz1 for <cfrg@ietfa.amsl.com>; Fri, 26 Jul 2019 03:50:59 -0700 (PDT)
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0C0201202E8 for <cfrg@irtf.org>; Fri, 26 Jul 2019 03:50:59 -0700 (PDT)
Received: by mail-lf1-x12a.google.com with SMTP id v85so36743556lfa.6 for <cfrg@irtf.org>; Fri, 26 Jul 2019 03:50:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=gpYxUIiHtBRF87sSDm+NS0aNH38sctMyiC9UQJY4RLs=; b=dMBPL0J48IUEuDvR7Vg04Pnc5LnUcQte5fmTa4PeDDMnmMpts8eRPpninjt8wSHJiZ Tstyul6MD76f1q/ISevDhDAU9ebfGlkw5eHCn7CxMBrgZ4Ly8jCW0VgrkR/8kedEvLi1 8FI+P0nllMJZQ7q6NycBh2nOmZWS583GQ7CkiceO1l00YkVRqLrFnkL8Syrpn3aiP3+Y yLmWbyy8ZU7a+IgrWIH/iYxahCDfzmoXpD+MhZodfGrGVrJQv/ckoFMa3Bxu1hCLGVfq WpL29s6ASBmBoWwaH4qlvVHJhMV5kjiGkCRHZ+n9nalNboboqBjNFv+iwwyrulOZA3OD 06PQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=gpYxUIiHtBRF87sSDm+NS0aNH38sctMyiC9UQJY4RLs=; b=CYKS8nsdT5EgVV6RJ8+ajhn8PuB2dqJ4CESeLSPAflVVvm0kWkntrvDRNt59kmV9Hg G4ngBpi1fvRr0W3m4MxDRpXvxohPT8RBIlVdCUHS3bEKldkRwQnS0fGBZ4ihMpiWD1Od ccOHi9NCEWlTL6oNNSazFv45FnCwAiYvOfXrHqUjmAtYfKK2KOy2TaeAUyX6Esd2f6Q9 uFGuuBg8i1B/GSXHYI3dX16W9gNzRGkNeYkHPvhlAp1A6Ikzie5aNayTjnFRDX6k9as8 41lC8XhFUA++hoLclF1Y8OUNk3blKbx+dXSVh/8fBTP1YXs/LjNRRpEplbHISg37HthK kV6g==
X-Gm-Message-State: APjAAAUESxE358dtdgjil7czHGFkbbU2c2BK89pgxtALRoZHD4cipuVF RGCqrtfjtUa2fn9dzRI7xJkd5iiDHKw//BLiVPM=
X-Google-Smtp-Source: APXvYqyu/vABD4hh0bsdzasWzk62P+ZXxrpD2VD/BAXt/FZf1z5hFhDICU0Id9tIE4laZcLaLnayOjRJK2heZvIRvCc=
X-Received: by 2002:a05:6512:484:: with SMTP id v4mr24897799lfq.66.1564138257269; Fri, 26 Jul 2019 03:50:57 -0700 (PDT)
MIME-Version: 1.0
References: <b0a23fd0f6bf47b29402e0d279991cf6@huawei.com> <AM4PR0501MB22423D26016A67AAF8008B3383C00@AM4PR0501MB2242.eurprd05.prod.outlook.com>
In-Reply-To: <AM4PR0501MB22423D26016A67AAF8008B3383C00@AM4PR0501MB2242.eurprd05.prod.outlook.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Fri, 26 Jul 2019 06:50:46 -0400
Message-ID: <CAMr0u6=my2BiG5Dqr-UtMN6CdM+sfYOqhX_z9eQUx+Q3PuDsTA@mail.gmail.com>
To: Björn Haase <bjoern.haase@endress.com>
Cc: Wang Guilin <Wang.Guilin@huawei.com>, "cfrg@irtf.org" <cfrg@irtf.org>
Content-Type: multipart/alternative; boundary="000000000000344b80058e935181"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Jfay3wJphd3JC3UqXzxM9Y_5Qak>
Subject: Re: [Cfrg] Comments on PAKE Selection
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jul 2019 10:51:02 -0000
Dear Björn and Guilin, Many thanks for the comments! About the timeline: it is stated explicitly on the plan that it may be revised at IETF 106 if we have reasons for that. While I believe that the forward security will obviously be considered by the Crypto Review Panel experts, we can just add the property to the list of questions to be considered. Kind regards, Stanislav пт, 26 июля 2019 г. в 3:40, Björn Haase <bjoern.haase@endress.com>: > >Guilin wrote: I would like to suggest that forward security should be > considered as one additional requirement for the PAKE selection. > I agree. That's particularly crucial if we use the PAKE-spawned > confidential channel for changing passwords! I thought so far that forward > security would be considered mandatory in the first place. > > > > > Mit freundlichen Grüßen I Best Regards > > Dr. Björn Haase > > Senior Expert Electronics | TGREH Electronics Hardware > Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | > Germany > Phone: +49 7156 209 377 | Fax: +49 7156 209 221 > bjoern.haase@endress.com | www.conducta.endress.com > > > > Endress+Hauser Conducta GmbH+Co.KG > Amtsgericht Stuttgart HRA 201908 > Sitz der Gesellschaft: Gerlingen > Persönlich haftende Gesellschafterin: > Endress+Hauser Conducta Verwaltungsgesellschaft mbH > Sitz der Gesellschaft: Gerlingen > Amtsgericht Stuttgart HRA 201929 > Geschäftsführer: Dr. Manfred Jagiella > > > Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu > informieren, wenn wir personenbezogene Daten von Ihnen erheben. > Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis ( > https://www.endress.com/de/cookies-endress+hauser-website) nach. > > > > Disclaimer: > > The information transmitted is intended only for the person or entity to > which it is addressed and may contain confidential, proprietary, and/or > privileged material. Any review, retransmission, dissemination or other use > of, or taking of any action in reliance upon, this information by persons > or entities other than the intended recipient is prohibited. If you receive > this in error, please contact the sender and delete the material from any > computer. This e-mail does not constitute a contract offer, a contract > amendment, or an acceptance of a contract offer unless explicitly and > conspicuously designated or stated as such. > > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg >
- [Cfrg] Comments on PAKE Selection Wang Guilin
- Re: [Cfrg] Comments on PAKE Selection Björn Haase
- Re: [Cfrg] Comments on PAKE Selection Stanislav V. Smyshlyaev