[Cfrg] PAKE selection process: status after Phase 1 and following steps // Answers regarding AuCPace and CPace
Björn Haase <bjoern.m.haase@web.de> Sat, 06 July 2019 21:15 UTC
Return-Path: <bjoern.m.haase@web.de>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D8F11200EF for <cfrg@ietfa.amsl.com>; Sat, 6 Jul 2019 14:15:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=web.de
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KysnLpOixPA4 for <cfrg@ietfa.amsl.com>; Sat, 6 Jul 2019 14:15:39 -0700 (PDT)
Received: from mout.web.de (mout.web.de [212.227.15.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 248FC1200EB for <cfrg@irtf.org>; Sat, 6 Jul 2019 14:15:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=web.de; s=dbaedf251592; t=1562447736; bh=dhBkVGGVDPhP7LM5yzAxobk7E4c/1v9qgxGMrq9jGnQ=; h=X-UI-Sender-Class:Subject:To:References:From:Date:In-Reply-To; b=M4XKqWMWv8wFl8i0HsNhCbFheaqO8qLOrwS6deR4kw6GvBn2bt3vNUN3LQRf85qD/ oOeE4il2yap8xGC/G/IINa4tINlNdIXcuz6QICYArb2BYrFjh4J7KooYZ0Mp4A1ML6 p18T+HcYhNjbkir8Po2Fd2aFqvCt77okvUHtG1og=
X-UI-Sender-Class: c548c8c5-30a9-4db5-a2e7-cb6cb037b8f9
Received: from [192.168.2.161] ([94.217.249.130]) by smtp.web.de (mrweb004 [213.165.67.108]) with ESMTPSA (Nemesis) id 0LzVMw-1iX4ab2rbu-014meA for <cfrg@irtf.org>; Sat, 06 Jul 2019 23:15:36 +0200
To: cfrg@irtf.org
References: <CAMr0u6kxgX+gL7ABxiyDG6KiWdH0qe48R_jL+GHbQNsS0h6yYQ@mail.gmail.com>
From: Björn Haase <bjoern.m.haase@web.de>
Message-ID: <3e07868d-0b9a-4634-b75c-3ad48a3c296a@web.de>
Date: Sat, 06 Jul 2019 23:15:36 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2
MIME-Version: 1.0
In-Reply-To: <CAMr0u6kxgX+gL7ABxiyDG6KiWdH0qe48R_jL+GHbQNsS0h6yYQ@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:xj/cwFxsKUooxma4oCOjDrP2StXEOE5ANi9ps3OHks8R10Bq+16 R2aN8DQsGJBjFQ9VQDK6C35d2N5mXZU2gdfiIQApbtq7X3mGbpNTet6PZnqJnZEQS9duQbA L5eDwYmVvT1qK3mP/rOWwdDNpFrIGlB9lqBliBeReWrdXCajMvgXItM/TvgnAI9lOP3bwFe K0xmTFYoAn/KoJPUZHmfg==
X-UI-Out-Filterresults: notjunk:1;V03:K0:CUPnnZZ2OOs=:WKPs3HdafWF3CzBi4VBymr //Z8mkaBxYNhw04vkaYz8wHcPLXmzfKyELSCctKkuCahMUeRoLRbhzuehu8PdOKQfrbEv/0ia I3r79P9EWWFAe8aQf16K6Z8rkMlul2G/22W7udJV4sGq58IklN51B4pbpQrFFO8ZfhrXew7XQ wG8x9/o4RIkPXD7yfrUpLwe3/r9k7J16kgDfXFsLummnRxYOMsoLvNpC3DZDab5atVMzCG/IA ZN/l1mZU6Gnpwk+hx+1RYBoZ+kQcdj60uSTCpW868sGdWsUa/RR6PEpezaXNdJ/wgWUkBdOgQ HhTg1jtTqo02ba3DKX4OdFbf8EAhwama6d/RSqLR6UDsXiy+FZ1/iB1ULQRpqQOr9hLLwhFIz gDdy5K3LAp3Fju8+fOV6nviUFMkgh1hrRHhP6MVEgbs0b7EIQmy+VnIZFJy8TH79+ULKxe9Du qBTKcsIAEtiYqcnlB1nBGtvqewJxWB0L94eOsO9SyNkU1MTOpcjYeivQ+ag/Mv8XC4Bn0+KiM bqlqAdOhkiWbgtv/ogzpcFHY1MUBTh2n5VNgU40oqg94zwHm3NWRA70RVVK+xayNyndYHFjyh +3MrujX1U5uGBJGIezb7y7siNEe96iMbKHqipGG0anCJApBeIWx1eVYH59Spn/qyAF2h++lQ1 VIPMe4PPI83bR1kI439OsJkND8jjgmsXudfrHzmpP+CEhZuu4+wsOCf07kv7xVgAOKTnLt6BN XIXJu09vZOset8+mL/lI4grDECBNHnMhHKe2M9J1vno5q/6HKLVwuu7jzYGvLm3e5L7GWgskp 4Z8Ri3zlqVBlX0fv0Ltb+bEc67NdLpmTVNddnI9TdjIWloL1tuLVZCEGlBLCVsFZL7+/Xb+d8 ikdRy7cifZ2ld9QrRWNH4jiHy719Ml9SqVizvT8DW8w77oIcjj3KZ8nP+QQcMd9qTYHtXO9SY pkQhVKiSFRKYhJot/Xy2Lrzyy9BiPr3YQojMJ2Za6pG5n++GOc6GVwJqQghUVfkWxCZ6TZm/K 2gj1YnN4EGY0HSMez3Th9cNn9fjsFYJhmMC8uhjJ4e9CKypKWb9XuWMj+0ICUdoSCiIZK8hRY aa/nASiQQq7IZS8qRfzFsVyz+xS7Za0rZLJ
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/QZ8337Y0H4H8Fu4Vs-bW-RK_ljY>
Subject: [Cfrg] PAKE selection process: status after Phase 1 and following steps // Answers regarding AuCPace and CPace
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Jul 2019 21:15:42 -0000
Dear CFRG, Dear Stanislav, as requested I have prepared comprehensive documentation regarding the questions from Phase 1. For this purpose, I have prepared a new revision of the AuCPace/CPace paper on the eprint server https://eprint.iacr.org/2018/286 This revised paper contains all of - Design guidelines and Adversary model that was considered when designing AuCPace - Security proof of CPace and AuCPace - Performance measurements on constrained hardware - The information as requested in your Phase 1 status mail (Appendix D) The advantage of compiling everything together is that all of the information on the AuCPace and CPace nominations could be found in one single file. The disadvantage is that the presentation got lengthy. For the CFRG audience, I would like to suggest to start reading with the Appendix D first. Note also that this revised paper shows in Appendix C how to use the method developed by Jarecki, Krawczyk and Xu for merging the key features of OPAQUE, the pre-computation attack resistance and defense against user enumeration attacks into AuCPace. I would specifically appreciate your feedback regarding the suggestion of a modular integration strategy for PAKE in transport-layer protocols such as TLS. Yours, Björn
- [Cfrg] PAKE selection process: status after Phase… Stanislav V. Smyshlyaev
- [Cfrg] PAKE selection process: status after Phase… Björn Haase
- Re: [Cfrg] PAKE selection process: status after P… Hugo Krawczyk
- Re: [Cfrg] PAKE selection process: status after P… Stanislav V. Smyshlyaev
- Re: [Cfrg] PAKE selection process: status after P… Hao, Feng
- Re: [Cfrg] PAKE selection process: status after P… Dan Harkins
- Re: [Cfrg] PAKE selection process: status after P… Peter Gutmann
- Re: [Cfrg] PAKE selection process: status after P… Dan Harkins
- Re: [Cfrg] PAKE selection process: status after P… Björn Haase
- Re: [Cfrg] PAKE selection process: status after P… Watson Ladd
- Re: [Cfrg] PAKE selection process: status after P… Watson Ladd
- Re: [Cfrg] PAKE selection process: status after P… Watson Ladd
- Re: [Cfrg] PAKE selection process: status after P… steve