Re: [Cfrg] I-D Action: draft-irtf-cfrg-spake2-04.txt

Benjamin Kaduk <kaduk@mit.edu> Tue, 24 October 2017 03:30 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 587F713AB3E for <cfrg@ietfa.amsl.com>; Mon, 23 Oct 2017 20:30:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.22
X-Spam-Level:
X-Spam-Status: No, score=-4.22 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dgmz6tG24bHQ for <cfrg@ietfa.amsl.com>; Mon, 23 Oct 2017 20:30:13 -0700 (PDT)
Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B5CA2139203 for <cfrg@ietf.org>; Mon, 23 Oct 2017 20:30:12 -0700 (PDT)
X-AuditID: 12074422-0e7ff700000071a4-75-59eeb3c11858
Received: from mailhub-auth-4.mit.edu ( [18.7.62.39]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP id 9E.BC.29092.2C3BEE95; Mon, 23 Oct 2017 23:30:10 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-4.mit.edu (8.13.8/8.9.2) with ESMTP id v9O3U5d8029384; Mon, 23 Oct 2017 23:30:06 -0400
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id v9O3U1gf007158 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 23 Oct 2017 23:30:04 -0400
Date: Mon, 23 Oct 2017 22:30:01 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Greg Hudson <ghudson@mit.edu>
Cc: cfrg@ietf.org
Message-ID: <20171024033001.GQ96685@kduck.kaduk.org>
References: <150821883254.21531.1671624165808113326@ietfa.amsl.com> <20171017111804.GP96685@kduck.kaduk.org> <db2d5df8-a79a-c157-29dc-060f6cbdc9d1@mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <db2d5df8-a79a-c157-29dc-060f6cbdc9d1@mit.edu>
User-Agent: Mutt/1.8.3 (2017-05-23)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrFIsWRmVeSWpSXmKPExsUixG6nrnto87tIg9bX+hZHd7WxODB6LFny kymAMYrLJiU1J7MstUjfLoErY9r0F2wF/ZwVP9eeZWlgXMTexcjJISFgIrHvw222LkYuDiGB xUwSV25sZ4RwNjJKHNzWxAhSJSRwlUni/iaWLkYODhYBVYmb0zJBwmwCKhIN3ZeZQWwRAUWJ Z6vmgpUwCwhKPJtqARIWFrCVeLfzAVgJL9CuFZfOM0FMnM8ocWmBOERcUOLkzCcsIDazgJbE jX8vmSDGSEss/8cBEuYUsJb49ncNWKuogLLEvH2r2CYwCsxC0j0LSfcshO4FjMyrGGVTcqt0 cxMzc4pTk3WLkxPz8lKLdE31cjNL9FJTSjcxgoPRRWkH48R/XocYBTgYlXh4b1i+ixRiTSwr rsw9xCjJwaQkyvs7522kEF9SfkplRmJxRnxRaU5q8SFGCQ5mJRHeSE+gct6UxMqq1KJ8mJQ0 B4uSOO+2oF2RQgLpiSWp2ampBalFMFkZDg4lCd7+TUCNgkWp6akVaZk5JQhpJg5OkOE8QMOt QWp4iwsSc4sz0yHypxh1OZ7NfN3ALMSSl5+XKiXO2wNSJABSlFGaBzcHlEQksvfXvGIUB3pL mPcySBUPMAHBTXoFtIQJaIms/RuQJSWJCCmpBkamvEzpuW9FbZx1ZyldPMZy87jhPN3iKT5h 8bUNHluO/xe41fgn8Y9vqHbur4nZJtZRTY/Kph44Mu+X1MQ5wmnJi3SX5+9/eUF/ZvCZu5zc ARP09C+dE9t3ojTqe6PI17sal1oDM7IsNu7lOFq57OGtd667/jdfSA/rUPnCfmf/15hm5mm1 G1uUWIozEg21mIuKEwHPsrZj/QIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Lv1JFpKdBKX0pFqftbPXKd5vvfA>
Subject: Re: [Cfrg] I-D Action: draft-irtf-cfrg-spake2-04.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Oct 2017 03:30:14 -0000

Hi Greg,

On Fri, Oct 20, 2017 at 01:10:12PM -0400, Greg Hudson wrote:
> On 10/17/2017 07:18 AM, Benjamin Kaduk wrote:
> > This version is intended to have minimal changes from the -03, and was
> > intended to un-expire the draft and add me as editor to effect that change.
> > I want this draft to advance so that it can be used as a reference by
> > draft-ietf-kitten-krb-spake-preauth.
> > 
> > There is some reformatting due to having to rewrite the source into XML,
> > and I took advantage of that opportunity to un-wrap the python snippet.
> 
> Thanks.  I found my old feedback on this draft in
> https://www.ietf.org/mail-archive/web/cfrg/current/msg07928.html and
> this update resolves one of those issues (the misformatted Python code).
> 
> I do not know how to resolve the problem that SPAKE2+ doesn't use w0 or
> w1 in the transcript hash, and therefore more closely resembles SPAKE1
> than SPAKE2.  I suggest the following edits for the other issues:

Thanks for pulling up your old review comments.  I do plan to go through
the archives to see if there were any other outstanding review comments,
for the next revision.

-Ben