Re: [Cfrg] dragonfly, was: Re: Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts
Tony Arcieri <bascule@gmail.com> Wed, 27 March 2019 16:38 UTC
Return-Path: <bascule@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 837EE120285 for <cfrg@ietfa.amsl.com>; Wed, 27 Mar 2019 09:38:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vEaavgbDUjQv for <cfrg@ietfa.amsl.com>; Wed, 27 Mar 2019 09:38:02 -0700 (PDT)
Received: from mail-ot1-x336.google.com (mail-ot1-x336.google.com [IPv6:2607:f8b0:4864:20::336]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B2891202FC for <cfrg@irtf.org>; Wed, 27 Mar 2019 09:38:01 -0700 (PDT)
Received: by mail-ot1-x336.google.com with SMTP id f10so15497245otb.6 for <cfrg@irtf.org>; Wed, 27 Mar 2019 09:38:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3dEDGDxNLYXu3HcryqPS/UkIAJVtP45PZyhrm7WTipY=; b=j6RpI85igHIuAKAowfvA0wJB0I6nEMlRBJpNlWX/mnyC6NBcLOvjpwc2H2GRCmKIkD osvpGrDLoRUpw7jPcJ+1d4cukWMvLi9+b2VS/OoTAkrGEWbnz1Z/ZDBAyel4qdR4jIDW KsYc1DQV2pWd/buLNS5CHKn/uT7NXWeru7pNpPy3c6zJfJqiCQik0UcUzfCAQ5rdPg2U w6WyPGGTWlzNEx2Y60FpL3L5HuFb+JKyHwuelZZjXYH6yP3j+VXu2ngikw2TN407yK/A q8k6//Tn4d2uyWgHOWWRtHDW+hGSPWSS0nPCPxBw6wlZ27dJKfUjMX8nqOvnaK8r82ph RRsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3dEDGDxNLYXu3HcryqPS/UkIAJVtP45PZyhrm7WTipY=; b=NXw/prvy2BSgOpQSojOU2KBLdeTZrHV5T6v1E6Wsuan0WuLoCSG1s31nQtxILhYZYP KC5XzgqONhovh55jCz7xwU+TBi67teg1JOL7rLBZfeLHfEl9vyHyeu0YLDx+kcgXiQTM F5UHipXjE6vzQyyVlgYgEGNqFTRMtFADqITJDTZExinVamG31e5sKuRZa5jopnH9TAKP rKGEIFhh4LdqXF5v8b+zhdT4x4cN3whHgdo3ltMxWLfw+DSyOuCevQmj+yUgRMRwd+U3 qmlmU1exDQXFdfNYYO5g4yX9dNrYLcFhCCVUB62BHLr836leBAnN4QrZ03Gedz5X1JMI fPpQ==
X-Gm-Message-State: APjAAAWIP7/XJXSdczbmF8ojMidrMyg6Vdc3lDv2a5mfkKQWzKnZonhg Wfzn3VcSKggusPqL6uekc60cPjoIhIIPYvK3ZnMkig==
X-Google-Smtp-Source: APXvYqxXrBgUfQNlqaSvFGfV6NcUtBDrvK/pkl8WA92Eem3iWTk8jGH9wJo33gfmDb4Mj+K+NPX5C5UITxzTNUO6Wyo=
X-Received: by 2002:a9d:1b2b:: with SMTP id l40mr7304852otl.365.1553704679169; Wed, 27 Mar 2019 09:37:59 -0700 (PDT)
MIME-Version: 1.0
References: <1d8de489fc976b63a911573300a431d4.squirrel@www.amsl.com> <alpine.LRH.2.21.1903081227200.30421@bofh.nohats.ca> <CAHOTMVLtjVxZNy3bFRn09xH+cOw+tPi2CL3BkaQuJEqxAzGOJg@mail.gmail.com> <edca701b-21f3-c80c-d754-fc333f1e2e04@cs.tcd.ie> <20190310182935.GE8182@kduck.mit.edu> <B876B124-7EDE-4E20-A878-3AAD3FA074BC@krovetz.net> <20190310191026.GF8182@kduck.mit.edu> <CAHOTMVJcosEgYV9caWapgyzQfh-g4k5DQry5n42bEfrkJvmdWQ@mail.gmail.com> <042b3f13-7d5a-12d7-e604-9f8cad197608@cs.tcd.ie> <CANeU+ZCmiTKfE1_YgjM6GX9ZCw_35mZoT8M-6VL72UhbenT2og@mail.gmail.com> <CAHOTMVJ2StG-wv6FRMescF=0PiZ4ei-MA0H+EV3QNiCb8yGFCQ@mail.gmail.com> <4831964a-19de-2c33-bd6d-de33a2c63276@lounge.org>
In-Reply-To: <4831964a-19de-2c33-bd6d-de33a2c63276@lounge.org>
From: Tony Arcieri <bascule@gmail.com>
Date: Wed, 27 Mar 2019 09:37:48 -0700
Message-ID: <CAHOTMV+33wipA5gtF16bHSZNs_edFiyZuDVj+kv28FRXcUJw3A@mail.gmail.com>
To: Dan Harkins <dharkins@lounge.org>
Cc: CFRG <cfrg@irtf.org>
Content-Type: multipart/alternative; boundary="0000000000007ce35b0585160f47"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/UGJfz6d5a7LMZRedUGLbPmuXZx8>
Subject: Re: [Cfrg] dragonfly, was: Re: Time to recharter CFRG as a working group? Was: Re: [secdir] ISE seeks help with some crypto drafts
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2019 16:38:05 -0000
There is, if nothing else, some confusion around the IETF's relationship to Dragonfly, both within the WiFi Alliance and by tech journalists. Some examples: https://mailarchive.ietf.org/arch/msg/cfrg/lNFkQxnCQpi7dEX6cNI0ewZAuGw Also note individual submission: > https://tools.ietf.org/html/draft-harkins-salted-eap-pwd-02 EMU and > Security Area review incorporated, IETF Last Call pending.. Related draft > (will be RFC 7664), see > https://datatracker.ietf.org/doc/draft-irtf-cfrg-dragonfly/ . https://www.darkreading.com/operations/wpa3-brings-new-authentication-and-encryption-to-wi-fi/d/d-id/1332145 WPA3 Personal authentication is a process called a simultaneous > authentication of equals (SAE), which comes from the *IETF Dragonfly* > <https://tools.ietf.org/html/rfc7664> key exchange. Robinson says that > with SAE, the authentication requires interaction, and only after > authentication will the keys be generated. This makes attacks that depend > on cloud-based server farms and automated key attempts unavailable to > attackers. https://www.eweek.com/security/next-generation-wpa3-wifi-security-standard-launches "SAE uses a Dragonfly handshake defined in the Internet Engineering Task > Force (IETF) RFC 7664 specification and applies it to a WiFi network for > password-based authentication," Robinson explained. "The Wi-Fi Alliance > WPA3 specification defines additional requirements for devices operating in > SAE modes." >From what I've observed, the IETF's name seems to end up attached to Dragonfly quite a bit. Curiously in these quotes, the CFRG and IRTF aren't mentioned at all. Perhaps this speaks to a more general problem around public perception of RGs and informational RFCs (or lack thereof), but when I read quotes like this, they sound to me like many people's perception is that Dragonfly is a standards-track IETF RFC. Issues like educating the tech press and trade associations on the difference between the IETF and IRTF and the difference between standards-track and informational RFCs aside, I think the main thing the IETF could do address these concerns is actually create a WG dedicated to producing a standards-track PAKE for similar use cases. PAKEs are certainly a hot topic these days, both on the CFRG (see OPAQUE thread this morning) and in cryptography in general. -- Tony Arcieri
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Peter Gutmann
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Dan Harkins
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Andy Lutomirski
- [Cfrg] ISE seeks help with some crypto drafts RFC ISE (Adrian Farrel)
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] ISE seeks help with some crypto drafts David Wong
- Re: [Cfrg] ISE seeks help with some crypto drafts D. J. Bernstein
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Stephen Farrell
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Dan Brown
- Re: [Cfrg] ISE seeks help with some crypto drafts John Mattsson
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Aaron Zauner
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Ted Krovetz
- Re: [Cfrg] ISE seeks help with some crypto drafts Paul Hoffman
- Re: [Cfrg] ISE seeks help with some crypto drafts Tony Arcieri
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Watson Ladd
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Wouters
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Paul Hoffman
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… S Moonesamy
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Uri Blumenthal
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Ted Krovetz
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Benjamin Kaduk
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Uri Blumenthal
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Stephen Farrell
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Tony Arcieri
- [Cfrg] Time to recharter CFRG as a working group?… StJohns, Michael
- Re: [Cfrg] Time to recharter CFRG as a working gr… Tony Arcieri
- Re: [Cfrg] Time to recharter CFRG as a working gr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Peter Gutmann
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] ISE seeks help with some crypto drafts Salz, Rich
- Re: [Cfrg] Time to recharter CFRG as a working gr… John Mattsson
- Re: [Cfrg] [secdir] ISE seeks help with some cryp… Valery Smyslov
- Re: [Cfrg] Time to recharter CFRG as a working gr… Mathy Vanhoef
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Peter Gutmann
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… Richard Barnes
- Re: [Cfrg] Time to recharter CFRG as a working gr… Salz, Rich
- Re: [Cfrg] Time to recharter CFRG as a working gr… Stephen Farrell
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… denis bider
- Re: [Cfrg] Time to recharter CFRG as a working gr… Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] Time to recharter CFRG as a working gr… Richard Barnes
- Re: [Cfrg] Time to recharter CFRG as a working gr… Daniel Kahn Gillmor
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… Paterson Kenneth
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Paul Wouters
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Tony Arcieri
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Tony Arcieri
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Paterson Kenneth
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… denis bider
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Watson Ladd
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Melinda Shore
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Uri Blumenthal
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… denis bider
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Martin Thomson
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Peter Gutmann
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Melinda Shore
- Re: [Cfrg] Time to recharter CFRG as a working gr… mcgrew
- Re: [Cfrg] [secdir] Time to recharter CFRG as a w… Donald Eastlake
- Re: [Cfrg] Time to recharter CFRG as a working gr… Michael StJohns
- Re: [Cfrg] Time to recharter CFRG as a working gr… mcgrew
- Re: [Cfrg] Time to recharter CFRG as a working gr… StJohns, Michael
- Re: [Cfrg] Time to recharter CFRG as a working gr… Stephen Farrell
- Re: [Cfrg] Time to recharter CFRG as a working gr… Martin Thomson
- [Cfrg] dragonfly, was: Re: Time to recharter CFRG… Dan Harkins
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Tony Arcieri
- Re: [Cfrg] dragonfly, was: Re: Time to recharter … Björn Haase
- Re: [Cfrg] ISE seeks help with some crypto drafts Eric Rescorla
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts Eric Rescorla
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Blumenthal, Uri - 0553 - MITLL
- Re: [Cfrg] ISE seeks help with some crypto drafts mcgrew
- Re: [Cfrg] ISE seeks help with some crypto drafts Ted Krovetz
- Re: [Cfrg] ISE seeks help with some crypto drafts Benjamin Kaduk