Re: [Cfrg] [CFRG] PAKE selection process: Update on documentation regarding CPace and AuCPace

steve@tobtu.com Fri, 24 April 2020 23:48 UTC

Return-Path: <steve@tobtu.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 772593A0FE0 for <cfrg@ietfa.amsl.com>; Fri, 24 Apr 2020 16:48:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9qw9ikjMbWe5 for <cfrg@ietfa.amsl.com>; Fri, 24 Apr 2020 16:48:46 -0700 (PDT)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AF3E93A0FDB for <cfrg@irtf.org>; Fri, 24 Apr 2020 16:48:44 -0700 (PDT)
Received: from oxuslxaltgw02.schlund.de ([10.72.76.58]) by mrelay.perfora.net (mreueus002 [74.208.5.2]) with ESMTPSA (Nemesis) id 0LgJSE-1ipimN3jL2-00njYt for <cfrg@irtf.org>; Sat, 25 Apr 2020 01:48:43 +0200
Date: Fri, 24 Apr 2020 18:48:42 -0500 (CDT)
From: steve@tobtu.com
To: "cfrgirtf.org" <cfrg@irtf.org>
Message-ID: <745065292.92833.1587772122266@email.ionos.com>
In-Reply-To: <trinity-277932c7-5fc1-4afd-b990-3bcc13189284-1581102307483@3c-app-webde-bs19>
References: <trinity-277932c7-5fc1-4afd-b990-3bcc13189284-1581102307483@3c-app-webde-bs19>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.1-Rev30
X-Originating-Client: open-xchange-appsuite
X-Provags-ID: V03:K1:oqxLNzU2xuvjGFSYo9cKY/UkNxImdHlXCmy9Gj5g39MaFNcfbbP d6bxWewWec2Bia19+sdmU0A3pZU5tY9IwA/3xC/PPwqCYqAyMFAuWe0rElFjxbQEazvQ68J HHVUEHgM2uoqMF5QVlHEmDHAFtxWOkx37/p7CM6LV9xW7DhqbrrpCGGFsQJBBgCtVXBYlbu gOu3uIOUcLEnmiu9TfBOw==
X-UI-Out-Filterresults: notjunk:1;V03:K0:EM07yByqyK0=:S5c8tasjEQ1udnj1MBChD9 ot8bdvy3rNmrE/uqhMphR705TtCo9mQl8H2iPZSbaP9Y9ZvlDMzrN09e1x3kyerbunTM3TanN 17VqE2gBsAPcA+JmdcnlutgiBQ77g6Pv2hKFfI6B8R0kVcWpPO0r4LrXJFkZwfodCRDmFmmM2 MvBA1K+XFPwfyTAnAsmvXQ4ulSyNkMF35aSG2aLK68grSgZr1deEJbSqLiprtGkRuu4LY+7it OQY1Tkyj6MTniLAepyj7PZX5hT2IaF+E9XlgIDfaihnNf68GffkRWsJTVwMM5BXi7bBsn8xZr Bw9Y4l++Y2jzOczGp+xRgK4D1co8zlYu5mZnOcw6CV4uVwphVQBisNLTDqBwACFlahizwEZJF k1IJULgDBg1iL7dzzmNJmwGYbBQfhpkR5I+fGFEURw32oA4sv7Rtu4D6wkYy42PIKJlfnMIOv ni9fimOG6hTk03bEZlPbgRkygWtpYc9ORYuw0B0UIXnPX96EhPjCHdUQB1Sbej2F/enFn/LQN xwwBlcrXHyz+jusRuNMsbzbKe/PnrkOu/XUE0XutR3JQMIMhg30/2JceGzFL714v/SZE25gXI jZj5rBzeCca156cHU8PvGgMpryjbpQdOAHvknYWvQs0JsfcNUH/A6sm17nm7RhngXUnPO5Fg2 KAm02/gJD+BYOa6G7g4RCgyAGpBEgJ3K4Y+iHsb+S4QG/YbnZvMu7xS4TWqalHd1jir6mAuUS 1uKGAvA2yOEIPfxRncpBL1oqfFEkNYW6h1bFzosxuT6twvOkrvDpnhZJSuOqyohl1aMpRYYHK vgMOb5oK3OBNkHkLEFBRsksLc+TeMGfabK0KyuYxoG1EG8MmeH9xHqCuHem/0aNgJe3rrIh
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/hJ8DLg_cHjyuCihsh0T7lS0MqKc>
Subject: Re: [Cfrg] [CFRG] PAKE selection process: Update on documentation regarding CPace and AuCPace
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Apr 2020 23:48:49 -0000

The section about iterative hash function "IHF" in the CPace draft (https://tools.ietf.org/html/draft-haase-cpace-01) is orphan documentation and should be removed.


The function "IHF" is used inconsistently in the AuCPace draft (https://tools.ietf.org/html/draft-haase-aucpace-01). Sometimes omitting sigma (the work parameters) and in different order than defined.

It's defined as:
IHF(salt, username, pw, sigma)

but used like:
IHF(username,pw,salt)
IHF(pwd,username,salt)
IHF(salt, username, password)
IHF(sigma,username,password, salt)


> On February 7, 2020 at 1:05 PM "Björn Haase" <Bjoern.M.Haase@web.de> wrote:
> 
> 
> Hi CFRG,
> 
> I would like to give notice of the changes in documentation regarding CPace and AuCPace.
>  
> https://tools.ietf.org/html/draft-haase-aucpace-01
> https://tools.ietf.org/html/draft-haase-cpace-01
> 
> Differences in the CPace draft 01: 
> 
> The CPace text is slightly rephrased and now refers to the acronym SDH as the
> simultaneous Diffie-Hellmann problem (as defined and analyzed in the VTBPEKE paper).
> Notation has been modified at some places in order to be in line with a reworked
> paper with the security proof that considers the last recommendations of round 1.
> (To be submitted this week-end).
> 
> Differences in the AuCPace draft 01:
>  
> I have added the process of AuCPace-authenticated transactions, such as useful for
> change-passwords and "sudo"-style transactions. I moreover have fixed a bug in the
> test vector section that stemmed from the fact that some python implementations of
> scrypt seem to have problems with non-ASCII characters in the salt field.
> 
> Moreover, I have setup a repository with reference implementations for SageMath and C.
> Code is available at 
> https://github.com/BjoernMHaase/AuCPace
> 
> Yours,
> 
> Björn.
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg