Re: [Cfrg] Requirements for PAKE schemes

Евгений Алексеев <geni-cmc@mail.ru> Fri, 22 April 2016 14:33 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/crDySYkDkXh4595OfDuyUtuZ6K8>

Hello!
The R3 and R4 requirements seem to be very similar, as I understand. The requirement to show how to protect an implementation in a hostile environment includes the requirement of the necessity to implement the scheme in constant time. Maybe it is reasonable to formulate R3 and R4 together in the following way:

R4: It SHOULD be possible to implement the PAKE scheme safely in hostile environments, in particular to implement the PAKE scheme in constant time to protect against timing attacks.

-- 
Best regards,
Evgeny Alekseev,
Moscow State University, Technical committee for standardisation "Cryptography and security mechanisms" (TC 26).
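As an added illustration of the constant-time point raised in the message above (example code, not from the author or the CFRG discussion), the snippet below compares a PAKE key-confirmation tag two ways: an early-exit comparison whose running time reveals the position of the first mismatching byte, and a constant-time comparison that visits every byte and has no secret-dependent branch. The tag values and the `TAG_LEN` constant are constructed for the example and do not come from any real PAKE run.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TAG_LEN 16

/* Constructed sample key-confirmation tags (not from any real PAKE run). */
static const uint8_t kExpected[TAG_LEN]       = {0x5a,0x13,0xc7,0x02,0x9e,0x44,0xd1,0x78,0x0b,0xee,0x31,0xa5,0x6c,0x90,0xf2,0x1d};
static const uint8_t kFirstByteWrong[TAG_LEN] = {0x00,0x13,0xc7,0x02,0x9e,0x44,0xd1,0x78,0x0b,0xee,0x31,0xa5,0x6c,0x90,0xf2,0x1d};
static const uint8_t kLastByteWrong[TAG_LEN]  = {0x5a,0x13,0xc7,0x02,0x9e,0x44,0xd1,0x78,0x0b,0xee,0x31,0xa5,0x6c,0x90,0xf2,0x00};

/* Early-exit comparison. Returns 1 if equal, else 0, and reports how many
   bytes were examined: that count, and so the running time, depends on the
   position of the first mismatch, which is exactly what a timing attack measures. */
int leaky_tag_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *examined)
{
    size_t i;
    for (i = 0; i < n; i++) {
        if (a[i] != b[i]) break;
    }
    *examined = (i < n) ? i + 1 : n;
    return i == n;
}

/* Constant-time comparison: every byte is visited, the loop has no
   secret-dependent branch, and the verdict is derived arithmetically. */
int ct_tag_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *examined)
{
    uint32_t diff = 0;
    for (size_t i = 0; i < n; i++) {
        diff |= (uint32_t)(a[i] ^ b[i]);
    }
    *examined = n;
    /* diff == 0: diff - 1 wraps to 0xFFFFFFFF, top bit 1, result 1.
       diff != 0: diff - 1 < 2^31, top bit 0, result 0. */
    return (int)((diff - 1) >> 31);
}

int main(void)
{
    const uint8_t *candidates[3] = { kExpected, kFirstByteWrong, kLastByteWrong };
    for (int c = 0; c < 3; c++) {
        size_t leaky_n, ct_n;
        int leaky = leaky_tag_equal(kExpected, candidates[c], TAG_LEN, &leaky_n);
        int ct = ct_tag_equal(kExpected, candidates[c], TAG_LEN, &ct_n);
        printf("candidate %d: leaky=%d (%zu bytes examined), ct=%d (%zu bytes examined)\n",
               c, leaky, leaky_n, ct, ct_n);
    }
    return 0;
}
```

The examined-byte counts make the leak visible without a timer: the early-exit version does 1 unit of work when the first byte is wrong and 16 when only the last byte is wrong, while the constant-time version always does 16.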