Re: [Cfrg] PAKEs for IoT

"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Wed, 20 November 2019 08:42 UTC

Return-Path: <smyshsv@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B257120AA1 for <cfrg@ietfa.amsl.com>; Wed, 20 Nov 2019 00:42:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GkA9TXj1LPYR for <cfrg@ietfa.amsl.com>; Wed, 20 Nov 2019 00:41:58 -0800 (PST)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1048B120088 for <cfrg@irtf.org>; Wed, 20 Nov 2019 00:41:58 -0800 (PST)
Received: by mail-lj1-x22e.google.com with SMTP id 139so26551144ljf.1 for <cfrg@irtf.org>; Wed, 20 Nov 2019 00:41:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=l2heCUy0SAoTXu1GpJuB1nnaaYZ6dZPGei3VkKjmSxs=; b=qY23Nu1TBjWvZBrYby11ixh9p4Duvov/hpDFBsp6LZET9Ihqdmmk0G/oJ8HjaLsJHI tdg/9fZhpvPZgmEmkdnZ9DBfJevsPQR49QzraGnmkEMmt38Od1jTr0P4EQvO64PAjFBg XKFew6VYSQRdJNluJgEh4D0c13g4lbSbX3HzeHISAr9LqQwXdj8l38/EtSSqQLjBjQNG t53+lTYNu9M7f8JV9bWZ2AI/Kh3Htf7mQDJ6D3OY+RINbC1MycQ1Ugr1ADDse54NTr+f 8dugtD0veDP2EWo4BCJiz/n9nDo918Uh9j+JTtj0NrjUL0Ax7bQNc3TKwFLcJOmXryFt U+OQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=l2heCUy0SAoTXu1GpJuB1nnaaYZ6dZPGei3VkKjmSxs=; b=QSJd+EpllarQHXGxyMXOjMdh4v4+nK5oQu8G8ciaQl1hlySRoxmPrLs4jPPXXt8dTJ x6MN3Fe3jTixuWRGsB/ljIrXyyB8oLnN66DZRK4yuEFsrhFJiMD41Wa+ybvN6wVh3fQx qhuWwqvjkvmYHGu9jZ2nND6us5C/3gF2AnWGv7y15KB1h3yzG+I9Oxf3dLo/7BaS044i LJuwnjBzyCgiDUO1lShulE93ZShowQFGmJn880SnlB7DQ8CBttibGrWUFAB94Sz1HZ0p c5KxLMvpsHbgp/ABpn5zgfmvZoVstelUdC/cqQEXiq5YsYhohCfX9gSnUOWoPEvP/yLN 8mbQ==
X-Gm-Message-State: APjAAAWVXkRDL4noidghECB+C21P3Q4xygFx92LXlAPlQG2XeAZQ0rke E7CV3Wnvwr2VGbzv1q3WyI7f4rsjMiw1L42yUzk=
X-Google-Smtp-Source: APXvYqybi7z3uQi3IXdeLaeOIrAfacT9ePqU/vGI1InCH/Lbctcw7I8RkpDx3ptYwHhMEaAJtvgz/6IXzIIBKOWdP5c=
X-Received: by 2002:a2e:8518:: with SMTP id j24mr1511979lji.13.1574239316199; Wed, 20 Nov 2019 00:41:56 -0800 (PST)
MIME-Version: 1.0
References: <VI1PR08MB536013F38CDADF4D2331E2F1FA4F0@VI1PR08MB5360.eurprd08.prod.outlook.com>
In-Reply-To: <VI1PR08MB536013F38CDADF4D2331E2F1FA4F0@VI1PR08MB5360.eurprd08.prod.outlook.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Wed, 20 Nov 2019 16:41:44 +0800
Message-ID: <CAMr0u6mpVqhariENaXAKKxQLtLfKuC6oN6QSJjZYev7m8kTrCA@mail.gmail.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Cc: cfrg <cfrg@irtf.org>
Content-Type: multipart/alternative; boundary="0000000000003bcc6d0597c32713"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/cJ841rAmYkP3PrA4wBbJckTjfaQ>
Subject: Re: [Cfrg] PAKEs for IoT
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2019 08:42:01 -0000

Dear Hannes,

All collected information about the candidates is here:
https://github.com/cfrg/pake-selection

Could you please formulate the corresponding questions to the authors of
the four nominated PAKEs that are to be considered at Round 2 (SPAKE2,
CPace, AuCPace and OPAQUE) and send those questions to crypto-panel@irtf.org
?..

Best regards,
Stanislav



ср, 20 нояб. 2019 г. в 16:36, Hannes Tschofenig <Hannes.Tschofenig@arm.com>;:

> Hi all,
>
>
>
> I was asked to do an analysis of the proposed PAKEs for IoT. I know I am
> very late with doing that. I tried but I ran into a few problems:
>
>
>
> First, it is not clear whether there are any specific requirements for the
> use of PAKEs in IoT because performance concerns are less applicable. PAKEs
> are used largely for onboarding where user interaction is required. This
> reduces the need for low latency because (a) users tend to be slower than
> machines and (b) large network load due to mass (automatic) onboarding
> appears to be a non-issue.
>
>
>
> Second, I had a hard time finding performance data for the proposals.
> Getting an understanding of the required code size & ram size on embedded
> devices would also be super useful.
>
>
>
> Third, it remains to be seen whether new PAKEs will get adopted by SDOs
> working on IoT for two reasons: (1) There is a push from governments not to
> use passwords on IoT devices (irrespectively of whether they are using
> PAKEs or not; a distinction that is not understood by users anyway.) (2)
> There are two PAKEs deployed already, namely JPAKE (in Thread) and
> Dragonfly (for use with WiFi security). At least in Thread, the effort
> wasn’t very successful because we have other technologies that give us
> better properties without bothering the user.
>
>
>
> Ignoring the third item, I was wondering whether someone can help me with
> my analysis by pointing to performance data or code (ideally from those
> working on the proposals).
>
>
>
> Ciao
>
> Hannes
> IMPORTANT NOTICE: The contents of this email and any attachments are
> confidential and may also be privileged. If you are not the intended
> recipient, please notify the sender immediately and do not disclose the
> contents to any other person, use it for any purpose, or store or copy the
> information in any medium. Thank you.
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg
>
-- 

С уважением,

Станислав Смышляев, к.ф.-м.н.,

Заместитель генерального директора

ООО «КРИПТО-ПРО»