Re: [Cfrg] I-D Action: draft-irtf-cfrg-argon2-10.txt
Colin Perkins <csp@csperkins.org> Mon, 13 April 2020 13:09 UTC
Return-Path: <csp@csperkins.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4592A3A1592 for <cfrg@ietfa.amsl.com>; Mon, 13 Apr 2020 06:09:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KKhYBltfqRNn for <cfrg@ietfa.amsl.com>; Mon, 13 Apr 2020 06:08:58 -0700 (PDT)
Received: from balrog.mythic-beasts.com (balrog.mythic-beasts.com [IPv6:2a00:1098:0:82:1000:0:2:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A3BB3A1591 for <cfrg@ietf.org>; Mon, 13 Apr 2020 06:08:58 -0700 (PDT)
Received: from [81.187.2.149] (port=34564 helo=[192.168.0.80]) by balrog.mythic-beasts.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from <csp@csperkins.org>) id 1jNypX-0001lV-MX; Mon, 13 Apr 2020 14:08:56 +0100
From: Colin Perkins <csp@csperkins.org>
Message-Id: <7BE09503-5662-4E1B-A306-154841668A8D@csperkins.org>
Content-Type: multipart/alternative; boundary="Apple-Mail=_8CCC013D-E6FB-4F11-AFED-7C2256CCFA3F"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.14\))
Date: Mon, 13 Apr 2020 14:08:48 +0100
In-Reply-To: <da5335bc-d646-cf08-7121-7aa4b7b5ff7d@cs.tcd.ie>
Cc: Milan Broz <gmazyland@gmail.com>, cfrg@ietf.org
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
References: <158514891064.31116.1008315008939609715@ietfa.amsl.com> <132bbe71-9589-71c9-bd70-14eae27afb61@cs.tcd.ie> <6b8deeb4-e1da-3cfc-6dad-31782af46765@gmail.com> <da5335bc-d646-cf08-7121-7aa4b7b5ff7d@cs.tcd.ie>
X-Mailer: Apple Mail (2.3445.104.14)
X-BlackCat-Spam-Score: 14
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/fk-i-WRj2UIqvqmIot-D-vLHAiM>
Subject: Re: [Cfrg] I-D Action: draft-irtf-cfrg-argon2-10.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Apr 2020 13:09:00 -0000
Hi, > On 9 Apr 2020, at 12:22, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > On 09/04/2020 10:05, Milan Broz wrote: >> On 07/04/2020 01:41, Stephen Farrell wrote: >>> I did an IRSG review for -09. This addresses all the issues >>> that I found there, except one, and that being (I think) >>> the most important one;-) >>> >>> The issue: What is a "primary variant" and what is an >>> implementer supposed to do? >>> >>> The above is a quote from my review of -09. Apologies if I >>> missed some change in -10 that addresses this. >>> >>> Let me make a suggestion: state that argon2id is mandatory >>> to implement, and that the other variants are not. >> >> Argon2id is combination of Argon2i + Argon2d, so implementing >> all three variants should be quite easy (code must be there anyway, >> it is just about providing external interface to it). >> >> I think all variants should be mandatory... and as I understand >> the current RFC draft (3.1 section), it already says so: >> >> o Type y of Argon2: MUST be 0 for Argon2d, 1 for Argon2i, 2 for >> Argon2id. >> >> (We use Argon2 in cryptsetup/LUKS2 and Argon2i (not id) is >> currently the primary variant for the key derivation. >> For compatibility with existing devices we need support >> for all three variants. But obviously, this is just one use case, >> RFC is more generic.) > > I'd also be fine with all being mandatory to implement > but would prefer just one. Even if there's not much cost, > in terms of code, there would be follow on cost in terms > of assigning code-points at higher layers, and in terms > of the arguments that will ensue about which code-point > to use/assign in various contexts. Providing more options > at this level is usually a bad plan that's unfortunately > attractive to many cryptographers;-) > > But my main ask is just that it be clear what's expected > of an implementer, so we get better interop. I agree with Stephen that the draft needs to be more explicit about which variants need to be implemented. -- Colin Perkins https://csperkins.org/
- [Cfrg] I-D Action: draft-irtf-cfrg-argon2-10.txt internet-drafts
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-argon2-10.… Stephen Farrell
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-argon2-10.… Milan Broz
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-argon2-10.… Stephen Farrell
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-argon2-10.… Colin Perkins