Re: [Cfrg] PAKEs in general (was; Re: draft-irtf-cfrg-dragonfly document status)
"Dan Harkins" <dharkins@lounge.org> Thu, 09 October 2014 22:42 UTC
Return-Path: <dharkins@lounge.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E31FA1A899B for <cfrg@ietfa.amsl.com>; Thu, 9 Oct 2014 15:42:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.867
X-Spam-Level:
X-Spam-Status: No, score=-3.867 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2ZcAsKU8aiDT for <cfrg@ietfa.amsl.com>; Thu, 9 Oct 2014 15:42:51 -0700 (PDT)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id C34DB1A8989 for <cfrg@irtf.org>; Thu, 9 Oct 2014 15:42:50 -0700 (PDT)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id 5B71E10224008; Thu, 9 Oct 2014 15:42:50 -0700 (PDT)
Received: from 104.36.248.10 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Thu, 9 Oct 2014 15:42:50 -0700 (PDT)
Message-ID: <1c121d02a9ec2fc389fa2ca7557d981f.squirrel@www.trepanning.net>
In-Reply-To: <12DDE3BC-524C-4F83-908C-CDDA3D7D88A3@gmail.com>
References: <54357A2A.2010800@isode.com> <38634A9C401D714A92BB13BBA9CCD34F13E26818@mail-essen-01.secunet.de> <54366BA1.1010603@cs.tcd.ie> <D05BF8A4.50927%paul@marvell.com> <12DDE3BC-524C-4F83-908C-CDDA3D7D88A3@gmail.com>
Date: Thu, 09 Oct 2014 15:42:50 -0700
From: Dan Harkins <dharkins@lounge.org>
To: Yoav Nir <ynir.ietf@gmail.com>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/U1LpG4jcUm-_KMiS2-b2HhllRKY
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] PAKEs in general (was; Re: draft-irtf-cfrg-dragonfly document status)
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Oct 2014 22:42:53 -0000
On Thu, October 9, 2014 1:53 pm, Yoav Nir wrote: > > On Oct 9, 2014, at 7:55 PM, Paul Lambert <paul@marvell.com> wrote: > >>> >>> I'll just note that there were also voices (incl. mine) saying: >>> "I really don't care about work on PAKEs. Seems like a waste of >>> time to me. But go ahead and spend time on that if you wish." >> >> +1 mostly. >> >> Shared passwords are architecturally problematic. They are >> more useable ways to authenticate. > > I wish I had a dollar for every time someone said that in the last 20 > years Me too. If I got a dollar every time authentication on the Internet involved a password and I had to pay a dollar every time authentication on the Internet did not, I would be a billionaire many times over. >> The mostly' is that the Dragonfly draft should be published >> so it can be used a little better in a couple of specific >> environments where it is already being wired into systems. >> Specifically, IEEE 802.11 has the SAE protocol which uses >> the Dragonfly exchange for mesh networks. > > Thats the part I dont understand. Since the first revision of this > document, the group made some suggestions for improvement that have been > incorporated into the draft. > > We also have Dant message ([1]) describing differences between the 802.11 > version and this draft, including attacks that work on earlier versions of > this draft that dont work on the 802.11 version. I think you misunderstood my email. This draft was supposed to be a generic specification for the key exchange underlying an authentication method in several other protocols. So the point of my mail was to explain that the attacks mentioned on this list-- the small subgroup attack and the reflection attack-- are not new, they were known and addressed in the other specifications, but in my haste to get the I-D out (if you look at the Acknowledgements section you'll see that it's actually the xml2rfc boilerplate, it was that sloppy) I did not address them in the generic protocol description. After these omissions were pointed out the appropriate checks were added to subsequent versions of this draft. > Given all that, I dont think this is a document that describes existing > practice, in the same vein as an SSLv3 document or a PKCS#12 document. > This is a document describing an entirely new PAKE, so it should be judged > as such. Actually, it now closer to existing practice. It is a generic description of which there are other specific instantiations of it. There were no comment resolutions that changed the underlying protocol and to say it is an "entirely new PAKE" is just wrong. regards, Dan. > Yoav > [1] http://www.ietf.org/mail-archive/web/cfrg/current/msg05210.html > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > http://www.irtf.org/mailman/listinfo/cfrg >
- [Cfrg] draft-irtf-cfrg-dragonfly document status Alexey Melnikov
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Watson Ladd
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Paul Lambert
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Watson Ladd
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Paul Lambert
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Dan Harkins
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Watson Ladd
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Peter Gutmann
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Dan Harkins
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Schmidt
- [Cfrg] PAKEs in general (was; Re: draft-irtf-cfrg… Stephen Farrell
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Watson Ladd
- Re: [Cfrg] PAKEs in general (was; Re: draft-irtf-… Paul Lambert
- Re: [Cfrg] PAKEs in general (was; Re: draft-irtf-… Andy Lutomirski
- Re: [Cfrg] PAKEs in general (was; Re: draft-irtf-… Mike Hamburg
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Alexey Melnikov
- [Cfrg] JPAKE and a few other things (was Re: draf… Alexey Melnikov
- [Cfrg] Writing proposals as drafts first (was Re:… Alexey Melnikov
- [Cfrg] PAKE requirements Alexey Melnikov
- Re: [Cfrg] draft-irtf-cfrg-dragonfly document sta… Watson Ladd
- Re: [Cfrg] PAKEs in general (was; Re: draft-irtf-… Yoav Nir
- Re: [Cfrg] PAKEs in general (was; Re: draft-irtf-… Dan Harkins