Re: [Cfrg] On terminology (and essence): peer-to-peer or client-server
"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Wed, 29 May 2019 05:44 UTC
Return-Path: <smyshsv@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A9B4120089 for <cfrg@ietfa.amsl.com>; Tue, 28 May 2019 22:44:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NSUSiwTHlvv5 for <cfrg@ietfa.amsl.com>; Tue, 28 May 2019 22:44:04 -0700 (PDT)
Received: from mail-qt1-x831.google.com (mail-qt1-x831.google.com [IPv6:2607:f8b0:4864:20::831]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE20F120045 for <cfrg@irtf.org>; Tue, 28 May 2019 22:44:03 -0700 (PDT)
Received: by mail-qt1-x831.google.com with SMTP id u12so1150909qth.3 for <cfrg@irtf.org>; Tue, 28 May 2019 22:44:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=jiGpgX6+BCosif6u9kA5Upc7eeZWuSuGu101cz42rSM=; b=TAttE9II+BKwDPq+Bu3l94t1MYRtPNhV2IJaZ4nweYeaQLQ3sZttezrV17w2ltbtGS zxlxSr5iXyhMNoeLhbq93NERP6sClWwaCU7B1tZgaQTONXkvuGEw3tJ9qKdJ5gUWrgTT YQ/EtBoxBbARJAt9th32pr6EVvRv1qlDBW8v5NbczRU1hOjLJ8RHf6iQey06zLD/pfTx QNQrIAJFqXiT02VILGehjXwxS9DqjWHoImjv6FVMbxrP7pp7BfFxfLdq8UDu9j/sfkWm N4/7BNPewF0RWBxDxDTyyRySHDMBEp8nb3wwM/ZP9f+OBYDnLx16jKsXDI0UBXJbwWWX 1r2Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=jiGpgX6+BCosif6u9kA5Upc7eeZWuSuGu101cz42rSM=; b=GMEDLX8tq4pj1T87UdETbmPjGJAvFyGP1j2GXVYie5Ojr5N3yKKIDO7KZQnb+XSfzZ uv2RMZWCmYGSEGlCJPRfWQ0Dq/8LWIAriMG2Mt39K/OejU/eo40hffeV+cNEZJ5jxN0y Q7LQfEaq5mOt9Ci6zVhagN+qZdB9dtD/lH+u8mak+kxEv1JAaxTEw8dywRkkqPBNQEtz cUDV6gEaaUwpwsaKv/LAw/Wn4/Lt0TAYWU/Sm+0D7QI/YSDVIZtcSFhiKPNZuX6lh3HF 4Qlm5Df2k0mw8r1e/4pCWihIGn+ww4avJ2SWnHmHA7fdvKBRtfOgTwiUpy0VjD/NwiZf eY4g==
X-Gm-Message-State: APjAAAWClVbNIqbQ82y+b+lUu1yVHVK0QrAT8blzGSfhXnBs3BHo4bO+ K/HWKLy3DhbStQ/p1sfYbJ3BfHzuwT7FbY8Y8+s=
X-Google-Smtp-Source: APXvYqzDWU0C4A//4J8DdAo7kttXxQitDy4nceBxyzyc/Pr2w/3aRDXt7aqCP/pLzJIuUVOXuK9ad2VHnxN3XkeqHlY=
X-Received: by 2002:ad4:43e9:: with SMTP id f9mr5021748qvu.180.1559108642802; Tue, 28 May 2019 22:44:02 -0700 (PDT)
MIME-Version: 1.0
References: <CADi0yUOECGWvXtFYaXPkb=kMkx2r7mXWJ5MDwD6rHspTcCDYsw@mail.gmail.com>
In-Reply-To: <CADi0yUOECGWvXtFYaXPkb=kMkx2r7mXWJ5MDwD6rHspTcCDYsw@mail.gmail.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Wed, 29 May 2019 08:42:02 +0300
Message-ID: <CAMr0u6nYbEcca74BykFPoMhreOuSh1Sbo390zREJPNK+bYPaYg@mail.gmail.com>
To: Hugo Krawczyk <hugokraw@gmail.com>
Cc: CFRG <cfrg@irtf.org>
Content-Type: multipart/alternative; boundary="000000000000d2111b058a0044e0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/QMRsxacqlNYjPerzrlRYBosSN1E>
Subject: Re: [Cfrg] On terminology (and essence): peer-to-peer or client-server
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 May 2019 05:44:06 -0000
Dear Hugo, I completely agree with your point: when comparing PAKEs, we must be very explicit about the primary scope of each protocol and clearly distinguish "client-server" applications of PAKEs and "peer-to-peer" ones. I hope that I've reflected this in my presentation about PAKE selection in Prague at IETF 104, https://www.ietf.org/proceedings/104/slides/slides-104-cfrg-pake-selection-01.pdf . While we are going through the PAKE selection process, we need to be very accurate with the goals which are achieved by each PAKE: in Prague I gave a simple example that being "augmented"/"asymmetric" can be redundant when we're thinking about such applications as Wi-Fi DPP protocol, for example. Of course, we must take this to account. We have the document, that helps with a number of questions with terminology here: RFC 8125. But, as any document, it can't answer all questions, so we may have to make adjustments during our discussions in the selection process. And my point is that at the end of the main process, when we (hopefully) select some PAKEs and start our work with CFRG document “Recommendations for password-based authenticated key establishment in IETF protocols”, we'll be obliged to reflect all issues with the terms, goasl of PAKEs, scope and recommendations in that document. Kind regards, Stanislav ср, 29 мая 2019 г. в 06:59, Hugo Krawczyk <hugokraw@gmail.com>: > It is very important that when people propose or discuss specific PAKE > protocols and applications, that they distinguish between those intended > for "peer communication" (where both ends share the same password) and > those for the client-server case (where the server does not store the > password but only a one-way function of the password). > > These are different types of protocols, for different settings, different > security goals and definitions, and quite different designs. In > particular, they cover very different applications (the client-server > setting is where most uses of passwords are found while the peer case seems > of more restricted applicability, at least in the past). > > It would be very helpful if we developed some common terminology for > differentiating these two settings. Unfortunately, there are many different > names people have been using. I like to call them "symmetric" (for the peer > case) and "asymmetric" (for the client-server case), but we have also > balanced and unbalanced, plain PAKE for the peer case and augmented PAKE > for the client server and more (e.g. "Verifier-based" for the asymmetric > case). > > It would be good to set some conventions here. > > But regardless of names, the most important point is to make clear to what > setting one refers when discussing specific protocols and applications. > > Hugo > > > > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg >
- [Cfrg] On terminology (and essence): peer-to-peer… Hugo Krawczyk
- Re: [Cfrg] On terminology (and essence): peer-to-… Stanislav V. Smyshlyaev