[Cfrg] PAKE selection process: Topics to consider for integration into TLS

Björn Haase <bjoern.haase@endress.com> Sat, 20 July 2019 20:30 UTC

Return-Path: <bjoern.haase@endress.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 304DA120167 for <cfrg@ietfa.amsl.com>; Sat, 20 Jul 2019 13:30:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=endress.com header.b=D6Y9kr/x; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=endress.com header.b=alX7FMv/
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nTvY-zlJ2K16 for <cfrg@ietfa.amsl.com>; Sat, 20 Jul 2019 13:30:08 -0700 (PDT)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30064.outbound.protection.outlook.com [40.107.3.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95E6B12014B for <cfrg@irtf.org>; Sat, 20 Jul 2019 13:30:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=zmcsxTI4FhmS4qWuBOPSsLUrzmIeTia/khkF2gtXaZI=; b=D6Y9kr/xMX1XhM9d/MFZXlM04+e7fvrEUJfiDtBpfnM8TDKjPFVOspJ8uF0gKA2of4kd1vloXbNF/2TMadw5dLwO2hYYof9pliJI68w5EUCN+UqS020bK4ym4EdDmaZXuc2YfBI64Vhr3t8y2kvq2jGUS7CN3xMxlPIJ4GQs77c=
Received: from DB6PR05CA0013.eurprd05.prod.outlook.com (2603:10a6:6:14::26) by AM6PR05MB5239.eurprd05.prod.outlook.com (2603:10a6:20b:64::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.14; Sat, 20 Jul 2019 20:30:04 +0000
Received: from AM5EUR03FT060.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e08::207) by DB6PR05CA0013.outlook.office365.com (2603:10a6:6:14::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2094.14 via Frontend Transport; Sat, 20 Jul 2019 20:30:04 +0000
Authentication-Results: spf=pass (sender IP is 52.233.195.251) smtp.mailfrom=endress.com; irtf.org; dkim=fail (body hash did not verify) header.d=endress.com;irtf.org; dmarc=pass action=none header.from=endress.com;
Received-SPF: Pass (protection.outlook.com: domain of endress.com designates 52.233.195.251 as permitted sender) receiver=protection.outlook.com; client-ip=52.233.195.251; helo=iqsuite.endress.com;
Received: from iqsuite.endress.com (52.233.195.251) by AM5EUR03FT060.mail.protection.outlook.com (10.152.16.160) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2052.18 via Frontend Transport; Sat, 20 Jul 2019 20:30:04 +0000
Received: from mail pickup service by iqsuite.endress.com with Microsoft SMTPSVC; Sat, 20 Jul 2019 22:30:02 +0200
Received: from EUR03-VE1-obe.outbound.protection.outlook.com ([104.47.9.52]) by iqsuite.endress.com over TLS secured channel with Microsoft SMTPSVC(8.5.9600.16384); Sat, 20 Jul 2019 22:30:01 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=n/Qx1eNmKX8vlNse8DohRrfOrG4T4HoSiwUABvtBnORu1yauSzbbriHTc6e7pXTUf6XYO/Ndm/Hzh9Ck+Vd1gwLmdP3dcXBeypn7X0J9wSF+KdkiRyPFXryMLuXlbpt7pcI4oexxfc3zH/FZ7mVXHXbh5P/RbHifNrLfgSNw/2UW1rH6WKxbRm+EmVkXtruyijwejBs/QqBHAg5crCSZCEr2r1CBLmsfdLX2sRHi6vuEiFnUzhJU8Zl2kQKH3urOPJL7pHVQJFlshQH2sqywvXZgxZNDe9XXeUxvSAW+A8E8Fr1jj/N20Zhn7zMiB8m+Fs2je4mro2jP1x1QVODdkA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rXn32yUYwlOtDf4+CI6F8DvzTJbMYp7ERP1wZ/BmdGk=; b=HTUJK4mHtMr35X0t63wyUUUbU9fWGn+H0tQLIcvz619MsjzmIc1vNND7LaagJtxp403UheGg3WZbMfWwDPB05QUvH6vqoPKGQcQgHqSkc1fm3sxfwwF0f27Jq/ubnvFm6mpJU1shd57RrlujTBWNMDxP3dUi6fwLet047Xxxs72CJkW5iulXCDHsQs+b0mG8Abire19nimHu3rFSpLwmGT4fyNE0feusXOsIoxjzY0x6h/pjbjF18mWJ2EMRSS/8Aoz7kt71NS0ZIuRHQ7k3ygd1an3Wz8roaCzIYjaw7GlykX9Y8KotRlhHaQ1zg3pE6LWlP/3prLugm0lzQ0fDbg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=endress.com;dmarc=pass action=none header.from=endress.com;dkim=pass header.d=endress.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rXn32yUYwlOtDf4+CI6F8DvzTJbMYp7ERP1wZ/BmdGk=; b=alX7FMv/JlaD25pY9cxrnNggYJjh8FkgyL4weEQSqYBxriwcs+19GvYo8r2J3uZnbUiFmrKXU9oKkw+D0cD/B611+XAVbjSmCctaDfaBWBBccZ8Es2+UKgut6wvmMysVnFlHJD8Fv/kdRoQjH1l8qPgu4VZdnQPecao6qEaZsJo=
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com (10.169.135.11) by VI1PR0501MB2400.eurprd05.prod.outlook.com (10.168.135.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.12; Sat, 20 Jul 2019 20:30:01 +0000
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::d802:c0a5:12ac:dc2d]) by VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::d802:c0a5:12ac:dc2d%6]) with mapi id 15.20.2094.013; Sat, 20 Jul 2019 20:30:01 +0000
From: =?utf-8?B?QmrDtnJuIEhhYXNl?= <bjoern.haase@endress.com>
To: CFRG <cfrg@irtf.org>, "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Thread-Topic: [Cfrg] PAKE selection process: Topics to consider for integration into TLS
Thread-Index: AdU/OZfwWHNu6Q8ES7m+gtr5/ma8DA==
Content-Class:
Date: Sat, 20 Jul 2019 20:30:01 +0000
Message-ID: <VI1PR0501MB2255C73A0AA2591016F93A0283CA0@VI1PR0501MB2255.eurprd05.prod.outlook.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Enabled=True; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SiteId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Owner=bjoern.haase@endress.com; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SetDate=2019-07-20T20:29:59.8772456Z; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Name=Not Protected; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Application=Microsoft Azure Information Protection; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_ActionId=d0c0ca96-a50e-402b-bb01-25f1135aec9d; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Extended_MSFT_Method=Automatic
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=bjoern.haase@endress.com;
x-originating-ip: [178.2.105.92]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: ae97da6a-e274-4147-0019-08d70d510c1f
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:VI1PR0501MB2400;
X-MS-TrafficTypeDiagnostic: VI1PR0501MB2400:|AM6PR05MB5239:
X-MS-Exchange-PUrlCount: 3
X-Microsoft-Antispam-PRVS: <AM6PR05MB5239E23CCD0DEB006128F59283CA0@AM6PR05MB5239.eurprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;OLM:9508;
x-forefront-prvs: 0104247462
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(979002)(4636009)(376002)(346002)(396003)(39850400004)(366004)(136003)(189003)(199004)(85202003)(102836004)(68736007)(186003)(6506007)(8936002)(26005)(7696005)(4744005)(99286004)(33656002)(6116002)(9686003)(55016002)(2906002)(3846002)(6306002)(316002)(6436002)(86362001)(476003)(53936002)(110136005)(81166006)(25786009)(8676002)(478600001)(14454004)(966005)(52536014)(5660300002)(66446008)(64756008)(66556008)(66946007)(305945005)(256004)(486006)(7736002)(74316002)(66066001)(71200400001)(71190400001)(85182001)(81156014)(66476007)(76116006)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0501MB2400; H:VI1PR0501MB2255.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: endress.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: ZZAbRXTVVgtfqEZGN3smTERKPpbui3wPIT0epzpW2DmMYlbMQrNb9aQyOWkKN3V4blEHhf7m7o9UPS+cmccuOtj8Sp6pChrEAjwq8kyEAHb8DJrc2Svx5fifIP1VbNw5upy45m9VmJa72owL+Wm7bMNCN6+Zp7Rf4mx1qQB10dnS45Sg/tTBcTPiy85TnziS7jfgSaR4EziMeP04Qon7i7l/sBXxKfEhWr637XxZe3zOlKyoFRYhSZn7I8VQVA+jvak0rlAhAVvjiME7bNjkoN3GrG/YzuiZJBrj4ry0ZPy1XzCFglu/SympnXYEYkMhy4pvl0Y5sYnkF42499N4WdV5Iwtmbi2Mq7RupRyRGG2AltLQJPBHavzK3tFJFJZq3Cr6bsGxJeEhxaiJW9llbbK4QqOaFQAAJGpcETEMQag=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0501MB2400
X-OriginalArrivalTime: 20 Jul 2019 20:30:01.0609 (UTC) FILETIME=[E80C1790:01D53F39]
X-Trailer: 1
X-GBS-PROC: iNIRV0Q9IzZRVKGaThpEaP3e+WePZ2cNjk/ECY19zp0=
X-GRP-TAN: IQWE02@4CDD6B8532EE46F1AEB894EB7D180233
X-iqsuite-process: processed
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT060.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:52.233.195.251; IPV:CAL; SCL:-1; CTRY:NL; EFV:NLI; SFV:NSPM; SFS:(10009020)(979002)(4636009)(39850400004)(376002)(396003)(136003)(346002)(2980300002)(189003)(199004)(26234003)(486006)(85202003)(86362001)(2906002)(356004)(50466002)(8676002)(6306002)(55016002)(99286004)(53936002)(70206006)(70586007)(9686003)(66574012)(476003)(15974865002)(14454004)(126002)(966005)(478600001)(5660300002)(26826003)(25786009)(3846002)(6506007)(2486003)(7696005)(102836004)(76130400001)(186003)(47776003)(26005)(85182001)(69596002)(305945005)(336012)(23676004)(74316002)(7736002)(66066001)(436003)(52536014)(68736007)(8936002)(106002)(110136005)(33656002)(81166006)(14444005)(81156014)(6116002)(316002)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR05MB5239; H:iqsuite.endress.com; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; MX:1; A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 5d753655-9f1b-490c-d115-08d70d510a47
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(710020)(711020)(4605104)(4709080)(1401327)(2017052603328)(7193020); SRVR:AM6PR05MB5239;
X-Forefront-PRVS: 0104247462
X-Microsoft-Antispam-Message-Info: 5u3zgBLEEJP9rMKLCT4bAXx7PAd5yeyY0bWewOwcZgzGENSW7xc3XExM72lLG4gSDF29FO0ihLsJkH0VFd44+Co+Ht9pxRn466Dqm6KNuSmSzfrIZz6U6edTroMORhvxefMx++0KUW3dWe+7dqfmzhGUoCureUvVM2AD+JAFC4SO/dTcYHT7XiDUvcGjZlWdbiunn/d4oicQGxeYjPobUEC7zGYoCAq/6LOPn29vVDFxv6BqVSVaC55QknDkrM9fiptkx/Ne2jKuujQqND1bkXJzNhH9HhtMp8aFHjPmDMnR1Y0KyZvTkFvIlt6qKhGacNgf5d7uM1qQLLMg7hXEM7/Qa+YQruvEKq6aaO5DSJHNAkGEQqapXO1f2tbx2QdrReUXRjGm4tT69b68qCopWn6Kn7LfGsDToRWMaZm+0YI=
X-OriginatorOrg: endress.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jul 2019 20:30:04.2814 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: ae97da6a-e274-4147-0019-08d70d510c1f
X-MS-Exchange-CrossTenant-Id: 52daf2a9-3b73-4da4-ac6a-3f81adc92b7e
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; Ip=[52.233.195.251]; Helo=[iqsuite.endress.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR05MB5239
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/XAnUb-BXy8gDr4hPOnmTFE5Gsmc>
Subject: [Cfrg] PAKE selection process: Topics to consider for integration into TLS
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Jul 2019 20:30:11 -0000

Hello to all,

I have had some discussions yesterday and I have added a couple of add-on slides to the presentation regarding PAKE integration into TLS.

https://github.com/BjoernMHaase/fe25519/blob/master/Concept_For_Modularized_PAKE_integration_into_TLS_20190720.pdf

I come to the conclusion, that we should really prepare for the event, that we might not be able to provide a user name in the initial client hello for system architecture reasons.

Yours,

Björn.


Mit freundlichen Grüßen I Best Regards 

Dr. Björn Haase 

Senior Expert Electronics | TGREH Electronics Hardware
Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | Germany
Phone: +49 7156 209 377 | Fax: +49 7156 209 221
bjoern.haase@endress.com |  www.conducta.endress.com 



Endress+Hauser Conducta GmbH+Co.KG
Amtsgericht Stuttgart HRA 201908
Sitz der Gesellschaft: Gerlingen
Persönlich haftende Gesellschafterin:
Endress+Hauser Conducta Verwaltungsgesellschaft mbH
Sitz der Gesellschaft: Gerlingen
Amtsgericht Stuttgart HRA 201929
Geschäftsführer: Dr. Manfred Jagiella

 
Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren, wenn wir personenbezogene Daten von Ihnen erheben.
Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis (https://www.endress.com/de/cookies-endress+hauser-website) nach.

 

Disclaimer: 

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. This e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer unless explicitly and conspicuously designated or stated as such.