Re: [Cfrg] Introduction, and some concerns regarding draft-irtf-cfrg-argon2

Gwynne Raskind <> Wed, 29 April 2020 00:54 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 614EC3A0877 for <>; Tue, 28 Apr 2020 17:54:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_EMBEDS=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id PSmoD92eTLIH for <>; Tue, 28 Apr 2020 17:54:45 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::830]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id B4D113A0876 for <>; Tue, 28 Apr 2020 17:54:45 -0700 (PDT)
Received: by with SMTP id z90so515054qtd.10 for <>; Tue, 28 Apr 2020 17:54:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=subject:mime-version:from:in-reply-to:date:message-id:references:to; bh=rYfIEr95PZ7U0o7R7OH8Qh0wqTl25R5YEz/9ITqrypQ=; b=P7tQDAS/3n9rMk98GZOZmMarM9odKtMmzSIFAU2jBoZazEgXIcmeQaoNQO5PdHRSLD nql2xhknkOZB/lqGMWQCz1lR/denKIIdsOu/NGcbgENKIHkrOrmPDbBvQRFsTvZ5lDHq Su6lb5gq3YZIVUpKhk7Y9typlw4fu3Bi6mTAyXFZPC89kvcp47iNiYZtnF3ifCjmPquH KvKEGCiVlzv/QO2tDFGtXfWdVVKQ03Dz+YsEKTroBWATn8xFf4eFCALpu00apn7c4qe4 6z/T0rdMmx5fE8EX4mGCbwClqQxfWdQd+CFePM1Eb5hl9PVQ0kROjqNC9iydgEa94tus gyvg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:subject:mime-version:from:in-reply-to:date :message-id:references:to; bh=rYfIEr95PZ7U0o7R7OH8Qh0wqTl25R5YEz/9ITqrypQ=; b=nR44PQPiweDcVvBVrfuYiO6l8X3bdSaHoqiMqh494CH+Wr6Q7sbwSETFTNow6XRRbb 606y6QK6srajbx7Csnp01B3JtKIUCaYPyKIBlnVBH8WSBOdbTou06mEOvrHJyYpK0M9S Hi/KsBLvjLjOscIf4qmE/sDVvQfZv8rAwNQuzdMTYwMZpQvVDS64qWNskwLpIu3TcZrT 80YbD14PlPInFLsEq9XsjJ903Y5/Ix+PiMA6dzIVsDBTx9KgS0TILN7ujiAJ7z+/r0of zNOe6bO1tAm8A6UgWy2Z2gakkrFGPt+STK1OFtmMsFOmdiWCTaff8cC4M4JJxhDOgmuk L2qg==
X-Gm-Message-State: AGi0PuZ74qwgfOYAw5gjmvTsTdBlddtqZWcr7dfQE9ulI1TVCTY7DuAc N05Uuq5cL6B6qucg6fy11lLGyhOgIlI=
X-Google-Smtp-Source: APiQypL97yHylSZBaVNefwJ2hyZnBnaB+TnkbFsTQxtHauKg88zRm7Ug2mybafNpCuNcCvaIELs+Rg==
X-Received: by 2002:ac8:17c5:: with SMTP id r5mr31604667qtk.118.1588121683956; Tue, 28 Apr 2020 17:54:43 -0700 (PDT)
Received: from [] ( []) by with ESMTPSA id i42sm15915060qtc.83.2020. for <> (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 28 Apr 2020 17:54:42 -0700 (PDT)
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.\))
Content-Type: multipart/related; type="text/html"; boundary="Apple-Mail=_577A47D6-ACCA-4B0E-B4BC-464D7D24092F"
X-Apple-Auto-Saved: 1
X-Apple-Mail-Remote-Attachments: NO
From: Gwynne Raskind <>
X-Apple-Base-Url: x-msg://3/
In-Reply-To: <>
X-Apple-Windows-Friendly: 1
Date: Tue, 28 Apr 2020 19:53:26 -0500
X-Apple-Mail-Signature: SKIP_SIGNATURE
Message-Id: <>
References: <> <> <>
X-Mailer: Apple Mail (2.3608.
Archived-At: <>
Subject: Re: [Cfrg] Introduction, and some concerns regarding draft-irtf-cfrg-argon2
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 29 Apr 2020 00:54:48 -0000

<div><div class=""><span class="">Thanks to everyone for their encouragement! I've attached my edited set of notes in Markdown format (I can provide it in alternative form if desired). I have tried to restrain this initial set of notes mostly to the most critical issues, as I've been known to end up simply rewriting entire documents if I don't keep myself in check (and frankly this draft has tempted me greatly in that regard) ^^; Please don't hesitate to ask any questions if there's anything that needs clarifying. I hope you find these notes helpful!</span><div class=""><span class=""><br class=""></span></div><div class=""><span class="">(P.S.: If the mailing list strips attachments, as I know many do, I welcome suggestions as to the best alternative for making the document available - my first instinct would be to post it as a GitHub Gist and send its link to the list instead.)<br class=""></span><div class=""><span class=""><br class=""></span></div><div class=""></div></div></div><div class=""><div class=""><div class=""></div><div class=""><span class=""><br class=""></span></div><div class=""><span class="">-- Gwynne Raskind</span></div><div class=""><div class=""><div><br class=""><blockquote type="cite" class=""><div class="">On Apr 27, 2020, at 17:32, Colin Perkins &lt;<a href="" class="" rel="nofollow"></a>&gt; wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">I agree – this draft is close to publication as an RFC, so if there are corrections and/or clarifications needed, then it would be useful to get feedback so they can be incorporated before publication.<div class=""><br class=""></div><div class="">Colin</div><div class=""><br class=""></div><div class=""><br class=""><div class=""><br class=""><blockquote type="cite" class=""><div class="">On 27 Apr 2020, at 18:45, Scott Fluhrer (sfluhrer) &lt;<a href="" class="" rel="nofollow"></a>&gt; wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="WordSection1"><div class="">I haven’t seen any public responses, and so, while I’m not an editor of this particular draft, I’d like to reply to your concerns.<p class=""></p></div><div class=""><p class=""> </p></div><div class="">We would love to hear your critiques, both about minor errors such as typos, in addition to more major problems, such as ambiguities in the specification.<p class=""></p></div><div class=""><p class=""> </p></div><div class="">One major reason these drafts are published is to get them correct; by helping us make the draft better, you are helping us a great deal.<p class=""></p></div><div class=""><p class=""> </p></div><div class="">And, there isn’t any secret handshakes to work on this mailing list; we welcome everyone.  And you are certainly not out of line.<p class=""></p></div><div class=""><p class=""> </p></div><div class="">I look forward to hearing your corrections and your suggestions.  Thank you.<span lang="EN-GB" class=""><p class=""></p></span></div><div class=""><p class=""> </p></div><div class=""><div class=""><div class=""><div class=""><b class="">From:</b><span class="Apple-converted-space"> </span>Cfrg &lt;<a href="" class="" rel="nofollow"></a>&gt;<span class="Apple-converted-space"> </span><b class="">On Behalf Of<span class="Apple-converted-space"> </span></b>Gwynne Raskind<br class=""><b class="">Sent:</b><span class="Apple-converted-space"> </span>Sunday, April 26, 2020 9:40 AM<br class=""><b class="">To:</b><span class="Apple-converted-space"> </span><a href="" class="" rel="nofollow"></a><br class=""><b class="">Subject:</b><span class="Apple-converted-space"> </span>[Cfrg] Introduction, and some concerns regarding draft-irtf-cfrg-argon2<p class=""></p></div></div></div><div class=""><p class=""> </p></div><div class=""><div class=""><div class=""><div class=""><div class=""><div class=""><span class="">Hello!</span><p class=""></p></div><div class=""><div class=""><span class=""><p class=""> </p></span></div></div><div class=""><div class=""><span class="">My name is Gwynne Raskind; I'm a software engineer with a fairly wide range of technical experience and interests. I'm new to this mailing list, and to the IRTF in general - a colleague suggested that I subscribe to this working group's community to bring up an issue of concern to me with regards to the currently published draft of the specification of the Argon2 key derivation function (formally draft-irtf-cfrg-argon2-10).<p class=""></p></span></div></div><div class=""><div class=""><span class=""><p class=""> </p></span></div></div><div class=""><div class=""><span class="">In the course of both my work and general interest, I had occasion to investigate this algorithm and to attempt to build an implementation natively in the Swift language.. Unfortunately, I found the draft in its present form to be less helpful than I had hoped. After a considerable amount of time spent studying the C reference implementation and comparing it with the specification, I was able to derive a nearly complete and partially functional implementation of my own. It was a fascinating learning experience, but I also noted a significant number of typographical errors, incomplete descriptions, missing elements, and other problems in the spec itself.<p class=""></p></span></div></div><div class=""><div class=""><span class=""><p class=""> </p></span></div></div><div class=""><div class=""><span class="">As I have an active interest in the cryptography space, as well as plenty of experience as both a technical writer and as a systems engineer, I took it upon myself to write up a somewhat exhaustive list of the various issues I encountered in the spec, ranging from technical analysis to grammatical concerns: I would be very pleased to contribute it (along with some accompanying suggestions of potential corrections) if it would be welcomed. I apologize if I'm in any way out of line; I couldn't find any kind of guidelines for how to approach this sort of problem, short of doing exactly this, so here I am.<p class=""></p></span></div></div><div class=""><div class=""><span class=""><p class=""> </p></span></div></div><div class=""><div class=""><span class="">Thanks for reading through this, and I hope to get the chance to help out!<p class=""></p></span></div></div><div class=""><div class=""><span class=""><p class=""> </p></span></div></div><div class=""><div class=""><span class=""><p class=""> </p></span></div></div><div class=""><div class=""><span class="">-- Gwynne Raskind<p class=""></p></span></div></div></div></div></div></div></div></div></div><span class="">_______________________________________________</span><br class=""><span class="">Cfrg mailing list</span><br class=""><a href="" class="" rel="nofollow"></a><br class=""><a href="" class="" rel="nofollow"></a></div></blockquote></div><br class=""><div class=""> <br class=""><br class="">-- <br class="">Colin Perkins<br class=""><a href="" class="" rel="nofollow"></a><br class=""><br class=""><br class=""><br class=""> </div> <br class=""></div></div></div></blockquote></div><br class=""></div></div></div></div></div>