IETF Logo Mail Archive

Re: [Cfrg] Requirements for PAKE schemes

Paul Lambert <paul@marvell.com> Tue, 30 June 2015 11:06 UTC

Return-Path: <paul@marvell.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C29531A8855 for <cfrg@ietfa.amsl.com>; Tue, 30 Jun 2015 04:06:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.967
X-Spam-Level:
X-Spam-Status: No, score=-1.967 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AuCQSnhRKbMI for <cfrg@ietfa.amsl.com>; Tue, 30 Jun 2015 04:06:24 -0700 (PDT)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DA291A8854 for <cfrg@ietf.org>; Tue, 30 Jun 2015 04:06:24 -0700 (PDT)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.15.0.59/8.15.0.59) with SMTP id t5UB5llG020788; Tue, 30 Jun 2015 04:06:23 -0700
Received: from sc-exch03.marvell.com ([199.233.58.183]) by mx0b-0016f401.pphosted.com with ESMTP id 1vbggrh71e-1 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 30 Jun 2015 04:06:23 -0700
Received: from SC-EXCH03.marvell.com (10.93.176.83) by SC-EXCH03.marvell.com (10.93.176.83) with Microsoft SMTP Server (TLS) id 15.0.1044.25; Tue, 30 Jun 2015 04:06:21 -0700
Received: from SC-EXCH03.marvell.com ([fe80::6cb0:4dfa:f3f3:b8b6]) by SC-EXCH03.marvell.com ([fe80::6cb0:4dfa:f3f3:b8b6%21]) with mapi id 15.00.1044.021; Tue, 30 Jun 2015 04:06:21 -0700
From: Paul Lambert <paul@marvell.com>
To: "Schmidt, Jörn-Marc" <Joern-Marc.Schmidt@secunet.com>, "cfrg@ietf.org" <cfrg@ietf.org>
Thread-Topic: [Cfrg] Requirements for PAKE schemes
Thread-Index: AQHQsyTLGvKyZPKkQUKzsy2M6NFzkg==
Date: Tue, 30 Jun 2015 11:06:21 +0000
Message-ID: <D1B7C462.6E7C4%paul@marvell.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.5.2.150604
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [10.94.250.30]
Content-Type: text/plain; charset="Windows-1252"
Content-ID: <88A76E8CF21B8F4DB6459371F72AFBB2@marvell.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2015-06-30_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 kscore.is_bulkscore=0 kscore.compositescore=1 compositescore=0.9 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 kscore.is_spamscore=0 rbsscore=0.9 spamscore=0 urlsuspectscore=0.9 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1506180000 definitions=main-1506300179
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/hG7YtK5extjfClzmCV8VREHHjGM>
Subject: Re: [Cfrg] Requirements for PAKE schemes
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2015 11:06:25 -0000

Nicely written Š A couple general comments, in section 5 it states:

"This technique can be used
   to parlay a short one-time code, into a long-lived public key.²

This seems much more interesting than just setting up shared secrets.
Perhaps it could be included in the MAY comments to help promote the
addressing of this capability.  A PAKE plus long-lived public key is an
important building block for pairing/setup of devices that use public keys
for authentication.

Where long-lived public keys are used, a requirement should also be added
to discuss the privacy properties of the scheme.

Paul


On 6/30/15, 3:27 AM, "Cfrg on behalf of Schmidt, Jörn-Marc"
<cfrg-bounces@irtf.org on behalf of Joern-Marc.Schmidt@secunet.com> wrote:

>Dear all,
>
>I've just submitted a draft that discusses potential requirements for PAKE
>schemes:  https://datatracker.ietf.org/doc/draft-irtf-cfrg-pake-reqs/
>Many thanks go to Dan Harkins for his great help & support.
>
>I hope that this document is a kind of starting point for a discussion on
>what we expect from PAKE schemes. Any comment/feedback/suggestion is
>welcome.
>
>Best regards,
>
>Jörn
>

v2.23.0 | Report a Bug | By Email