Re: [Cfrg] Introduction, and some concerns regarding draft-irtf-cfrg-argon2

Dmitry Khovratovich <> Thu, 09 July 2020 16:07 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1561B3A0CAB for <>; Thu, 9 Jul 2020 09:07:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id uUWqhDEp4n4f for <>; Thu, 9 Jul 2020 09:07:20 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::d30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 638D73A0CCD for <>; Thu, 9 Jul 2020 09:06:59 -0700 (PDT)
Received: by with SMTP id o5so2854877iow.8 for <>; Thu, 09 Jul 2020 09:06:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=KEUxMy2+dgCtqVIdwsKhdoGG+8DsxWzMtOGOo9Ou/vU=; b=UU6mvgQCybV8rO1hWgxOq41g+wg4WDhxPSf2qlZ1n5JdNAmf5S66bMD/MOZ0WYqPCK 2sHdAVxp+e1nLjWCZL5uXhzolod8zeZ8qLyDoKteh6JB6n5GPAi7Pd49E8AHXV4/bVg1 c13cAq9i5NEUC0vOzgECnuPUe1KqO1uG/vqirbO3lScQcHjyPYIrFfGubTukxrigO8FB Ogwbn89kiVWtlLKh78aPHd+Fjzj6dZsJ5cZUoRzN9wt8YWDyFpNiVAaS+0FnFHQeP4xH 5G3RfirUlH3+f2ay+ZShAtAdmOQx3ohbEpxwDaHzyElJBV5z+zipPQOTJjEyDhdY4LM8 6piA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=KEUxMy2+dgCtqVIdwsKhdoGG+8DsxWzMtOGOo9Ou/vU=; b=gZTJmHDazaVdgQ4vlS8w1P5JdFNpGkUNb9LZncszSkDOTLPcOcQjXguTVsA6i4GVIU lsKlNz0Ek5yzrG/WQcAFoDux8/jUcyuo5vuUx+ANaciMYAikk7umKphKrxrTcevb1YqU 4+maiZp6T/vklumbfV7tz16VhEBSrSh2+Uar/5AbURKHBCfBbXGuPLwwf3qI+N7C+YIn FoyFhLNAjLvfk9vAtT72c+te6TZFVOM7EA+KpAm1MmJziyCJ3P5h8qOejLZhBiyenk+I nKV9DnolqjtH4BQ72Eu/4497L4hNWFjyLPxVVSDnP4Q8frUvqip5iFjqkbJ6Djko34RT 4X3w==
X-Gm-Message-State: AOAM5338NpsU+br+jBHT1Yap6K0/w5mKVH1KYwFKU/gf3UdXwxm9cbzr kRqE0PBZ9VNp6ZoT7frbmUFykeO9Csu7oHAbokTwxQ==
X-Google-Smtp-Source: ABdhPJxIH5V3ASICQwoFiQ9KQjiSY0XBiipJqtOFnirt9FOAWSCffvdzXu3tyVgKK/P1+SyW41ARQ4wAqWENzI1WYO0=
X-Received: by 2002:a05:6602:15ca:: with SMTP id f10mr43779748iow.52.1594310818392; Thu, 09 Jul 2020 09:06:58 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <> <> <>
In-Reply-To: <>
From: Dmitry Khovratovich <>
Date: Thu, 9 Jul 2020 18:06:46 +0200
Message-ID: <>
To: Gwynne Raskind <>
Content-Type: multipart/alternative; boundary="000000000000fdf4a105aa046953"
Archived-At: <>
Subject: Re: [Cfrg] Introduction, and some concerns regarding draft-irtf-cfrg-argon2
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 09 Jul 2020 16:07:23 -0000

Hi Gwynne,

thanks a lot for so much details! I have tried to incorporate everything to
the last version.

On Wed, Apr 29, 2020 at 4:05 AM Gwynne Raskind <>

> Apologies for the noise, but I just discovered a couple of errors in my
> notes (as was certain to happen the moment I sent them, no doubt :) ).
> Rather than send another attachment to the list and most likely end
> up having to replace that as well, I've posted the revised content as a
> Gist, found here: <
>>gt;. From
> now on this link will always provide the most up to date revision of the
> document.
> -- Gwynne Raskind
> On Apr 28, 2020, at 19:53, Gwynne Raskind <> wrote:
> Thanks to everyone for their encouragement! I've attached my edited set of
> notes in Markdown format (I can provide it in alternative form if desired).
> I have tried to restrain this initial set of notes mostly to the most
> critical issues, as I've been known to end up simply rewriting entire
> documents if I don't keep myself in check (and frankly this draft has
> tempted me greatly in that regard) ^^; Please don't hesitate to ask any
> questions if there's anything that needs clarifying. I hope you find these
> notes helpful!
> (P.S.: If the mailing list strips attachments, as I know many do, I
> welcome suggestions as to the best alternative for making the document
> available - my first instinct would be to post it as a GitHub Gist and send
> its link to the list instead.)
> <>
> -- Gwynne Raskind
> On Apr 27, 2020, at 17:32, Colin Perkins <> wrote:
> I agree – this draft is close to publication as an RFC, so if there are
> corrections and/or clarifications needed, then it would be useful to get
> feedback so they can be incorporated before publication.
> Colin
> On 27 Apr 2020, at 18:45, Scott Fluhrer (sfluhrer) <
>> wrote:
> I haven’t seen any public responses, and so, while I’m not an editor of
> this particular draft, I’d like to reply to your concerns.
> We would love to hear your critiques, both about minor errors such as
> typos, in addition to more major problems, such as ambiguities in the
> specification.
> One major reason these drafts are published is to get them correct; by
> helping us make the draft better, you are helping us a great deal.
> And, there isn’t any secret handshakes to work on this mailing list; we
> welcome everyone.  And you are certainly not out of line.
> I look forward to hearing your corrections and your suggestions.  Thank
> you.
> *From:* Cfrg <> *On Behalf Of *Gwynne Raskind
> *Sent:* Sunday, April 26, 2020 9:40 AM
> *To:*
> *Subject:* [Cfrg] Introduction, and some concerns regarding
> draft-irtf-cfrg-argon2
> Hello!
> My name is Gwynne Raskind; I'm a software engineer with a fairly wide
> range of technical experience and interests. I'm new to this mailing list,
> and to the IRTF in general - a colleague suggested that I subscribe to this
> working group's community to bring up an issue of concern to me with
> regards to the currently published draft of the specification of the Argon2
> key derivation function (formally draft-irtf-cfrg-argon2-10).
> In the course of both my work and general interest, I had occasion to
> investigate this algorithm and to attempt to build an implementation
> natively in the Swift language.. Unfortunately, I found the draft in its
> present form to be less helpful than I had hoped. After a considerable
> amount of time spent studying the C reference implementation and comparing
> it with the specification, I was able to derive a nearly complete and
> partially functional implementation of my own. It was a fascinating
> learning experience, but I also noted a significant number of typographical
> errors, incomplete descriptions, missing elements, and other problems in
> the spec itself.
> As I have an active interest in the cryptography space, as well as plenty
> of experience as both a technical writer and as a systems engineer, I took
> it upon myself to write up a somewhat exhaustive list of the various issues
> I encountered in the spec, ranging from technical analysis to grammatical
> concerns: I would be very pleased to contribute it (along with some
> accompanying suggestions of potential corrections) if it would be welcomed.
> I apologize if I'm in any way out of line; I couldn't find any kind of
> guidelines for how to approach this sort of problem, short of doing exactly
> this, so here I am.
> Thanks for reading through this, and I hope to get the chance to help out!
> -- Gwynne Raskind
> _______________________________________________
> Cfrg mailing list
> --
> Colin Perkins
> _______________________________________________
> Cfrg mailing list

Best regards,
Dmitry Khovratovich