Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFRG document
Paul Grubbs <pag225@cornell.edu> Thu, 28 January 2016 21:53 UTC
Return-Path: <pag225@cornell.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC0851A9112 for <cfrg@ietfa.amsl.com>; Thu, 28 Jan 2016 13:53:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.58
X-Spam-Level:
X-Spam-Status: No, score=-3.58 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jnW6vDWZQxLY for <cfrg@ietfa.amsl.com>; Thu, 28 Jan 2016 13:53:14 -0800 (PST)
Received: from limerock01.mail.cornell.edu (limerock01.mail.cornell.edu [128.84.13.241]) by ietfa.amsl.com (Postfix) with ESMTP id 06E921A910A for <Cfrg@irtf.org>; Thu, 28 Jan 2016 13:53:13 -0800 (PST)
X-CornellRouted: This message has been Routed already.
Received: from exchange.cornell.edu (sf-e2013-02.exchange.cornell.edu [10.22.40.49]) by limerock01.mail.cornell.edu (8.14.4/8.14.4_cu) with ESMTP id u0SLrCVJ031568 for <Cfrg@irtf.org>; Thu, 28 Jan 2016 16:53:13 -0500
Received: from sf-e2013-07.exchange.cornell.edu (10.22.40.54) by sf-e2013-02.exchange.cornell.edu (10.22.40.49) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Thu, 28 Jan 2016 16:53:12 -0500
Received: from mail-wm0-f42.google.com (74.125.82.42) by exchange.cornell.edu (10.22.40.54) with Microsoft SMTP Server (TLS) id 15.0.1104.5 via Frontend Transport; Thu, 28 Jan 2016 16:53:12 -0500
Received: by mail-wm0-f42.google.com with SMTP id p63so43698237wmp.1 for <Cfrg@irtf.org>; Thu, 28 Jan 2016 13:53:12 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=1bRSQB75abMy1x9PY/GkMZE9sSOLgE3ZAZpSKNEKFXU=; b=jjeiWme4D8TaX8yifhOfAFKcHCgXXx6B3ZnFzP9r0hWCHHM4jRt7vrWEEOe5VgldYp fKbhEM8WM3o1IRW2Ias7ToZTX+cZ47bW1pnPoe1DL7Aq0KS1gOZLF2k4rv1qKd01EVaq s1vbn4Wg8zwFuRUXOrz1C7xJd/+gNnBbVBSM4TX33HasbQaVxE0rf80IFvAdLxQkJuF+ l/uwj9DXFIoEFq0WmQBXCcGidFQCqs/qgdGQPlGut17EoNr4Sq04WgMaPVxD+FAn0jrL /BcZQU8iifxOz4PkPtwFxdrbPPoBwYsydfKR4zbxpgbA4rCVeY/94I4VdnHETnSD5E6n EXQA==
X-Gm-Message-State: AG10YOTZswLDI+A8EVyFWQdboQAp9iatmLQEqqH90qRvv8sXKTnbwMgm2yR7pNQskac7BQuemtqJlkz3mUYMuBy6PMzYkotiXJc3tSdmMybLKu0zcPWtU6PfbfhK2I0dpPi/9HGkjLyT3g9E08Vpff7RjPU=
X-Received: by 10.28.111.91 with SMTP id k88mr5075258wmc.86.1454017991451; Thu, 28 Jan 2016 13:53:11 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.28.111.91 with SMTP id k88mr5075236wmc.86.1454017991003; Thu, 28 Jan 2016 13:53:11 -0800 (PST)
Received: by 10.28.7.195 with HTTP; Thu, 28 Jan 2016 13:53:10 -0800 (PST)
In-Reply-To: <9f49e240b03d7b6156b0ed08912ef520@mail.tc26.ru>
References: <D2C82E57.60B44%kenny.paterson@rhul.ac.uk> <6D05C894-4D0D-4089-B4C1-40DF4FDE6C63@shiftleft.org> <D2C83321.60B6A%kenny.paterson@rhul.ac.uk> <9f49e240b03d7b6156b0ed08912ef520@mail.tc26.ru>
Date: Thu, 28 Jan 2016 16:53:10 -0500
Message-ID: <CAKDPBw8VGQo3WJV2hSe3tM3Tzm+Xp6OE7hds-BK5Vcv9ai1S3g@mail.gmail.com>
From: Paul Grubbs <pag225@cornell.edu>
To: Grigory Marshalko <marshalko_gb@tc26.ru>
Content-Type: multipart/alternative; boundary="001a1146978ed9e6b6052a6bf189"
Received-SPF: Neutral (sf-e2013-02.exchange.cornell.edu: 74.125.82.42 is neither permitted nor denied by domain of pag225@cornell.edu)
X-ORG-HybridRouting: a7d366b0f5b511ba4648f93eb946f9c7
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/k82h4A8VUhL1aN2CcbSXihN-VPs>
Cc: "cfrg@irtf.org" <Cfrg@irtf.org>
Subject: Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFRG document
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jan 2016 21:53:16 -0000
Would it be out of the question to ask the authors of Argon2 (or anybody, really) to do a more formal analysis of its space-hardness? It would be nice to have a proof (e.g. based on pebbling arguments) of some kind of time-space tradeoff for Argon2. On Thu, Jan 28, 2016 at 3:39 PM, Grigory Marshalko <marshalko_gb@tc26.ru> wrote: > Indeed, the PHC competition has significantly contributed to the design > and analysis of password-hashing schemes. It's a nice mixture of crypto and > engineering. So it would be desirable to wait until we understand the > limits of attacks and corresponding countermeasures. > The article on baloon hashing is a significant step forward for > understanding these issues. > > Regards, > Grigory Marshalko, > expert, > Technical committee for standardisation "Cryptography and security > mechanisms" (ТC 26) > www.tc26.ru > 22 января 2016 г., 22:31, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> > написал: > > Mike, > > > > Thanks. The authors of the Argon2 design may in due course tweak their > > design to avoid the identified problems, or argue that they are not > > sufficiently worrisome to warrant a change to the design. > > > > We definitely need to factor this in to our deliberations, and we will > > take the time to do so. Let's see how it plays out... > > > > Regards > > > > Kenny > > > > On 22/01/2016 19:20, "Mike Hamburg" <mike@shiftleft.org> wrote: > > > >> We might want to hold off on Argon2 — at least on finalizing it — until > >> the team has > >> responded to (and hopefully mitigated) the issues mentioned at > >> https://eprint.iacr.org/2016/027. Essentially the problem is that > Argon2 > >> can be computed > >> in less space than advertised. The team said that they are planning a > >> response, cf > >> http://permalink.gmane.org/gmane.comp.security.phc/3606 > >> > >> Cheers, > >> — Mike > >> > >> On Jan 22, 2016, at 11:10 AM, Paterson, Kenny < > Kenny.Paterson@rhul.ac.uk> > >> wrote: > >> > >> Dear CFRG, > >> > >> Having received limited feedback either way from the group > (specifically, > >> one voice in favour), the CFRG chairs have decided to adopt > >> https://tools.ietf.org/html/draft-josefsson-argon2-00 as a CFRG > document. > >> > >> If you have objections or concerns, please reply to this email or > directly > >> to CFRG chairs. > >> > >> Sincerely, > >> > >> Kenny Paterson (for the chairs) > >> > >> On 06/11/2015 11:47, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> > wrote: > >> > >> Hi Stephen, > >> > >> Yes, the chairs are amenable to this. We've been keeping an eye on the > >> password hashing competition and were planning a work item in this area. > >> > >> Any comments from the group, either supporting or objecting to us > adopting > >> this draft in the RG? > >> > >> Cheers, > >> > >> Kenny > >> > >> (for the chairs) > >> > >> On 06/11/2015 02:18, "Cfrg on behalf of Stephen Farrell" > >> <cfrg-bounces@irtf.org on behalf of > >> stephen.farrell@cs.tcd.ie> wrote: > >> > >> The password hashing competition has a winner and some folks > >> in the openpgp wg are interested in using that winner. I guess > >> this might be better processed via cfrg if folks are amenable > >> to that. > >> > >> Thanks, > >> S. > >> > >> _______________________________________________ > >> Cfrg mailing list > >> Cfrg@irtf.org > >> https://www.irtf.org/mailman/listinfo/cfrg > > > > _______________________________________________ > > Cfrg mailing list > > Cfrg@irtf.org > > https://www.irtf.org/mailman/listinfo/cfrg > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg >
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Paterson, Kenny
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Dmitry Khovratovich
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Dmitry Khovratovich
- Re: [Cfrg] adopting Argon2 as a CFRG document Paterson, Kenny
- Re: [Cfrg] adopting Argon2 as a CFRG document Mike Hamburg
- Re: [Cfrg] adopting Argon2 as a CFRG document Paterson, Kenny
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Grigory Marshalko
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Paul Grubbs
- Re: [Cfrg] adopting Argon2 as a CFRG document Mike Hamburg
- Re: [Cfrg] adopting Argon2 as a CFRG document marshalko_gb
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Paterson, Kenny
- [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFRG do… Dmitry Khovratovich
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Dmitry Khovratovich
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Joel Alwen
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Jean-Philippe Aumasson
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Joel Alwen
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Jean-Philippe Aumasson
- Re: [Cfrg] adopting Argon2 as a CFRG document Jeremiah Blocki
- Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFR… Stefano Tessaro