Re: [Cfrg] PAKEs for IoT
"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Wed, 20 November 2019 08:42 UTC
Return-Path: <smyshsv@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B257120AA1 for <cfrg@ietfa.amsl.com>; Wed, 20 Nov 2019 00:42:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GkA9TXj1LPYR for <cfrg@ietfa.amsl.com>; Wed, 20 Nov 2019 00:41:58 -0800 (PST)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1048B120088 for <cfrg@irtf.org>; Wed, 20 Nov 2019 00:41:58 -0800 (PST)
Received: by mail-lj1-x22e.google.com with SMTP id 139so26551144ljf.1 for <cfrg@irtf.org>; Wed, 20 Nov 2019 00:41:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=l2heCUy0SAoTXu1GpJuB1nnaaYZ6dZPGei3VkKjmSxs=; b=qY23Nu1TBjWvZBrYby11ixh9p4Duvov/hpDFBsp6LZET9Ihqdmmk0G/oJ8HjaLsJHI tdg/9fZhpvPZgmEmkdnZ9DBfJevsPQR49QzraGnmkEMmt38Od1jTr0P4EQvO64PAjFBg XKFew6VYSQRdJNluJgEh4D0c13g4lbSbX3HzeHISAr9LqQwXdj8l38/EtSSqQLjBjQNG t53+lTYNu9M7f8JV9bWZ2AI/Kh3Htf7mQDJ6D3OY+RINbC1MycQ1Ugr1ADDse54NTr+f 8dugtD0veDP2EWo4BCJiz/n9nDo918Uh9j+JTtj0NrjUL0Ax7bQNc3TKwFLcJOmXryFt U+OQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=l2heCUy0SAoTXu1GpJuB1nnaaYZ6dZPGei3VkKjmSxs=; b=QSJd+EpllarQHXGxyMXOjMdh4v4+nK5oQu8G8ciaQl1hlySRoxmPrLs4jPPXXt8dTJ x6MN3Fe3jTixuWRGsB/ljIrXyyB8oLnN66DZRK4yuEFsrhFJiMD41Wa+ybvN6wVh3fQx qhuWwqvjkvmYHGu9jZ2nND6us5C/3gF2AnWGv7y15KB1h3yzG+I9Oxf3dLo/7BaS044i LJuwnjBzyCgiDUO1lShulE93ZShowQFGmJn880SnlB7DQ8CBttibGrWUFAB94Sz1HZ0p c5KxLMvpsHbgp/ABpn5zgfmvZoVstelUdC/cqQEXiq5YsYhohCfX9gSnUOWoPEvP/yLN 8mbQ==
X-Gm-Message-State: APjAAAWVXkRDL4noidghECB+C21P3Q4xygFx92LXlAPlQG2XeAZQ0rke E7CV3Wnvwr2VGbzv1q3WyI7f4rsjMiw1L42yUzk=
X-Google-Smtp-Source: APXvYqybi7z3uQi3IXdeLaeOIrAfacT9ePqU/vGI1InCH/Lbctcw7I8RkpDx3ptYwHhMEaAJtvgz/6IXzIIBKOWdP5c=
X-Received: by 2002:a2e:8518:: with SMTP id j24mr1511979lji.13.1574239316199; Wed, 20 Nov 2019 00:41:56 -0800 (PST)
MIME-Version: 1.0
References: <VI1PR08MB536013F38CDADF4D2331E2F1FA4F0@VI1PR08MB5360.eurprd08.prod.outlook.com>
In-Reply-To: <VI1PR08MB536013F38CDADF4D2331E2F1FA4F0@VI1PR08MB5360.eurprd08.prod.outlook.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Wed, 20 Nov 2019 16:41:44 +0800
Message-ID: <CAMr0u6mpVqhariENaXAKKxQLtLfKuC6oN6QSJjZYev7m8kTrCA@mail.gmail.com>
To: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Cc: cfrg <cfrg@irtf.org>
Content-Type: multipart/alternative; boundary="0000000000003bcc6d0597c32713"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/cJ841rAmYkP3PrA4wBbJckTjfaQ>
Subject: Re: [Cfrg] PAKEs for IoT
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2019 08:42:01 -0000
Dear Hannes, All collected information about the candidates is here: https://github.com/cfrg/pake-selection Could you please formulate the corresponding questions to the authors of the four nominated PAKEs that are to be considered at Round 2 (SPAKE2, CPace, AuCPace and OPAQUE) and send those questions to crypto-panel@irtf.org ?.. Best regards, Stanislav ср, 20 нояб. 2019 г. в 16:36, Hannes Tschofenig <Hannes.Tschofenig@arm.com>: > Hi all, > > > > I was asked to do an analysis of the proposed PAKEs for IoT. I know I am > very late with doing that. I tried but I ran into a few problems: > > > > First, it is not clear whether there are any specific requirements for the > use of PAKEs in IoT because performance concerns are less applicable. PAKEs > are used largely for onboarding where user interaction is required. This > reduces the need for low latency because (a) users tend to be slower than > machines and (b) large network load due to mass (automatic) onboarding > appears to be a non-issue. > > > > Second, I had a hard time finding performance data for the proposals. > Getting an understanding of the required code size & ram size on embedded > devices would also be super useful. > > > > Third, it remains to be seen whether new PAKEs will get adopted by SDOs > working on IoT for two reasons: (1) There is a push from governments not to > use passwords on IoT devices (irrespectively of whether they are using > PAKEs or not; a distinction that is not understood by users anyway.) (2) > There are two PAKEs deployed already, namely JPAKE (in Thread) and > Dragonfly (for use with WiFi security). At least in Thread, the effort > wasn’t very successful because we have other technologies that give us > better properties without bothering the user. > > > > Ignoring the third item, I was wondering whether someone can help me with > my analysis by pointing to performance data or code (ideally from those > working on the proposals). > > > > Ciao > > Hannes > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg > -- С уважением, Станислав Смышляев, к.ф.-м.н., Заместитель генерального директора ООО «КРИПТО-ПРО»
- [Cfrg] PAKEs for IoT Hannes Tschofenig
- Re: [Cfrg] PAKEs for IoT Stanislav V. Smyshlyaev
- Re: [Cfrg] PAKEs for IoT Hannes Tschofenig