Re: [Cfrg] adopting Argon2 as a CFRG document

Mike Hamburg <mike@shiftleft.org> Thu, 28 January 2016 22:05 UTC

To: Gregory Disney-Leugers <gdisney@juniper.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/XtLmdHTnB0UNVrgsFyc_aVbBQR0>
Cc: "cfrg@irtf.org" <Cfrg@irtf.org>

Argon2d avoids this problem (hopefully but not provably?). But I believe the concern with Argon2d is that it may leak information through memory accesses, for example through the cache timing channel.

-- Mike

Sent from my phone.  Please excuse brevity and typos.

> On Jan 24, 2016, at 14:14, Gregory Disney-Leugers <gdisney@juniper.net> wrote:
> 
> Isn’t the mitigation to use Argon2d over Argon2i?
> 
> From: Cfrg <cfrg-bounces@irtf.org> on behalf of Mike Hamburg <mike@shiftleft.org>
> Date: Friday, January 22, 2016 at 11:20 AM
> To: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
> Cc: "cfrg@irtf.org" <Cfrg@irtf.org>
> Subject: Re: [Cfrg] adopting Argon2 as a CFRG document
> Resent-From: Mark Baushke <mdb@juniper.net>
> Resent-To: Gregory Disney-Leugers <gdisney@juniper.net>
> Resent-Date: Friday, January 22, 2016 at 11:26 AM
> 
> We might want to hold off on Argon2 — at least on finalizing it — until the team has
> responded to (and hopefully mitigated) the issues mentioned at
> https://eprint.iacr.org/2016/027.  Essentially the problem is that Argon2 can be computed
> in less space than advertised.  The team said that they are planning a response, cf
> http://permalink.gmane.org/gmane.comp.security.phc/3606
> 
> Cheers,
> — Mike
> 
>> On Jan 22, 2016, at 11:10 AM, Paterson, Kenny <Kenny.Paterson@rhul.ac.uk> wrote:
>> 
>> Dear CFRG,
>> 
>> Having received limited feedback either way from the group (specifically,
>> one voice in favour), the CFRG chairs have decided to adopt
>> https://tools.ietf.org/html/draft-josefsson-argon2-00 as a CFRG document.
>> 
>> If you have objections or concerns, please reply to this email or directly
>> to CFRG chairs.
>> 
>> Sincerely,
>> 
>> Kenny Paterson (for the chairs)
>> 
>> 
>> On 06/11/2015 11:47, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> wrote:
>> 
>>> Hi Stephen,
>>> 
>>> Yes, the chairs are amenable to this. We've been keeping an eye on the
>>> password hashing competition and were planning a work item in this area.
>>> 
>>> Any comments from the group, either supporting or objecting to us adopting
>>> this draft in the RG?
>>> 
>>> Cheers,
>>> 
>>> Kenny 
>>> 
>>> (for the chairs)
>>> 
>>> On 06/11/2015 02:18, "Cfrg on behalf of Stephen Farrell"
>>> <cfrg-bounces@irtf.org on behalf of stephen.farrell@cs.tcd.ie> wrote:
>>> 
>>>> 
>>>> The password hashing competition has a winner and some folks
>>>> in the openpgp wg are interested in using that winner. I guess
>>>> this might be better processed via cfrg if folks are amenable
>>>> to that.
>>>> 
>>>> Thanks,
>>>> S.
>> 