Re: [Cfrg] OPAQUE at Facebook

Björn Haase <bjoern.haase@endress.com> Wed, 28 August 2019 03:18 UTC

Return-Path: <bjoern.haase@endress.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59FA01200FF for <cfrg@ietfa.amsl.com>; Tue, 27 Aug 2019 20:18:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=endress.com header.b=xUFzUdOl; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=endress.com header.b=leaGKQG7
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R8cs5SaDKv3n for <cfrg@ietfa.amsl.com>; Tue, 27 Aug 2019 20:18:37 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60073.outbound.protection.outlook.com [40.107.6.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0158C120052 for <cfrg@irtf.org>; Tue, 27 Aug 2019 20:18:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=e07nYeyQITW+SaKpV9onq//LknZP2etbxDKGcBeIeG0=; b=xUFzUdOl77umt1eAuOaqfAWRxyRfKqq8qohZV0EL1UqjtGOZx6tMaukyPXHMD1g7ZfK+6BZKkX9EtI6n81ZEhFwnfPjbe+ih8Re2WdeBLRV6gqdHyW19dNJlzdIg6zshEVBTEgu2T88kWiIGvUs86fNsMUOcGX+icAeK3HLFRTo=
Received: from AM6PR0502CA0066.eurprd05.prod.outlook.com (2603:10a6:20b:56::43) by AM6PR05MB4183.eurprd05.prod.outlook.com (2603:10a6:209:40::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2199.20; Wed, 28 Aug 2019 03:18:28 +0000
Received: from VE1EUR03FT008.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e09::203) by AM6PR0502CA0066.outlook.office365.com (2603:10a6:20b:56::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2199.14 via Frontend Transport; Wed, 28 Aug 2019 03:18:28 +0000
Authentication-Results: spf=pass (sender IP is 40.113.82.155) smtp.mailfrom=endress.com; irtf.org; dkim=fail (body hash did not verify) header.d=endress.com;irtf.org; dmarc=pass action=none header.from=endress.com;
Received-SPF: Pass (protection.outlook.com: domain of endress.com designates 40.113.82.155 as permitted sender) receiver=protection.outlook.com; client-ip=40.113.82.155; helo=iqsuite.endress.com;
Received: from iqsuite.endress.com (40.113.82.155) by VE1EUR03FT008.mail.protection.outlook.com (10.152.18.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2199.13 via Frontend Transport; Wed, 28 Aug 2019 03:18:27 +0000
Received: from mail pickup service by iqsuite.endress.com with Microsoft SMTPSVC; Wed, 28 Aug 2019 05:18:27 +0200
Received: from EUR03-AM5-obe.outbound.protection.outlook.com ([104.47.8.54]) by iqsuite.endress.com over TLS secured channel with Microsoft SMTPSVC(8.5.9600.16384); Wed, 28 Aug 2019 05:18:26 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Gb44CNYisasdOdjyKY9uY0EiFLsK42JXityC1cr4dhMPvWfbXLz1OhL7Xdr0FS/rVIltMBB/jUMgKb2Y7L9cIegKDNrWbMRF4ODBvH3RXMfUeunI+Tfmv5uL/9vw8t/sZC8SnG9Uu/jW7hITiH3aK/R0iknqGqLghE5TXUv+/VPwcDzjAArHi4U1TgAjU+LSe65j8vKEMNnvjVzY9O3U6ATLEHG+XARJhBHAGnsZQPeImIy+JnjgZyg5xW/PHAlOAZl+2Ycpk/++dJtHOduvegN1cu/DoRuUw9FDniDuGyav6lpX1A6mSTM86DpumgZdTc83Z02NbJ7xyLkzQe6HwA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=B46qBMhGd93JCFfkNbonsE3TfYsPO+S/iYEZa5VnP7U=; b=BVjK82knefCY4GQIWiR9YKgZhAZlqVAuYS6Ax8hqa0tTzgA05ny0IwkJtsHPqzR2EIjD0LSCT/JN+bVPEtGd9fulv2g4XgHLgSBeaG+NwHD+/ZGmQt0Z1u7xMPCWc5KVF2iwONuwMEc2uO/i9tsRNnK4J71SFLnyLL1/RsL/1gfTaP0AEGKlb4YfGROvyUkZ/nhBmjEGZpTjJd6/TQTPJcPu4HKlRnkKmaqAKuLaOpIlr0HdkJG8mN86wBOVhZiNSUGZa2zSuPjlQMS10Wr3DIAuUD81ewR9tUQkahzhqLAaSXllg+evOWAlodmbONkO2KNxz0QRzI6b2tuszey6lw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=endress.com; dmarc=pass action=none header.from=endress.com; dkim=pass header.d=endress.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=B46qBMhGd93JCFfkNbonsE3TfYsPO+S/iYEZa5VnP7U=; b=leaGKQG7zeImmB9xJzl7+oi0bHlXSI72ziihnAtraWNvWLvkuKTzm25ZFFnDDzb/YuHF933vNkQr9sHs5AyyK+rXwdytpCdI0O9iOK0xkMGSqtLGK03hEdzvJFVcpd/dKmOszeIcHAIuEQ5C7T8Z3IdV1L7CyftOkHsH0IAmAL4=
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com (10.169.135.11) by VI1PR0501MB2526.eurprd05.prod.outlook.com (10.168.136.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2199.21; Wed, 28 Aug 2019 03:18:23 +0000
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::bd14:3fc1:6d7a:ec25]) by VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::bd14:3fc1:6d7a:ec25%3]) with mapi id 15.20.2199.021; Wed, 28 Aug 2019 03:18:23 +0000
From: Björn Haase <bjoern.haase@endress.com>
To: Bill Cox <waywardgeek@gmail.com>, Kevin Lewi <klewi@cs.stanford.edu>
CC: IRTF CFRG <cfrg@irtf.org>
Thread-Topic: [Cfrg] OPAQUE at Facebook
Thread-Index: AQHVXSPIlDbhaZbU70WaffCpeLNiJ6cPufSAgAApTdA=
Content-Class:
Date: Wed, 28 Aug 2019 03:18:23 +0000
Message-ID: <VI1PR0501MB225546F17933D62CA6587CF183A30@VI1PR0501MB2255.eurprd05.prod.outlook.com>
References: <CACitvs_9SoZaG-0ZVNsGgcXJdadYHULVYEOH7VAQFf-VeSwm8Q@mail.gmail.com> <CAOLP8p64=JRL9nsb+trdowxniBaxmd3yxp=cMX-4BkdM6t0+Xg@mail.gmail.com>
In-Reply-To: <CAOLP8p64=JRL9nsb+trdowxniBaxmd3yxp=cMX-4BkdM6t0+Xg@mail.gmail.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Enabled=True; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SiteId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Owner=i00501985@pc-c.endress.com; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SetDate=2019-08-28T03:18:25.9797917Z; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Name=Not Protected; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Application=Microsoft Azure Information Protection; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_ActionId=9b64c8e5-1045-4ac6-8da7-550b3f8a3c40; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Extended_MSFT_Method=Automatic
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=bjoern.haase@endress.com;
x-originating-ip: [65.196.159.195]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: ad58c853-e6b0-4c62-da0b-08d72b6664f1
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600166)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:VI1PR0501MB2526;
X-MS-TrafficTypeDiagnostic: VI1PR0501MB2526:|AM6PR05MB4183:
X-Microsoft-Antispam-PRVS: <AM6PR05MB4183FBD2CB7E9D5073FEC0A083A30@AM6PR05MB4183.eurprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000;
x-forefront-prvs: 014304E855
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(346002)(376002)(366004)(136003)(396003)(47680400002)(189003)(199004)(26005)(2171002)(66556008)(102836004)(66476007)(66946007)(64756008)(86362001)(74316002)(85202003)(7696005)(99286004)(186003)(110136005)(66574012)(5660300002)(85182001)(6436002)(76176011)(561944003)(3846002)(316002)(66446008)(4326008)(14454004)(6506007)(790700001)(25786009)(476003)(6306002)(54896002)(66066001)(9686003)(81156014)(11346002)(2906002)(446003)(486006)(33656002)(52536014)(71190400001)(71200400001)(55016002)(7736002)(8936002)(53936002)(256004)(14444005)(8676002)(76116006)(81166006)(6116002)(19627235002)(478600001); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0501MB2526; H:VI1PR0501MB2255.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: endress.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: YNr63ragPGzq1IbqtLnWm6pKP/45CB0W2e5AG/vANskCam9uKalhs0VmcHWddrv2xEJ+8lb0RWoqZ51Q5uNS0GQp8QyUtmtBxQCftmFTxDBaG9lJF5B54RrKGxa5zAzRZZ1JOP90pFurjeJRxNLEO84WaYBEBTVEcyMLObFIdAWdm9NnPW0M9dqPStAXz7BGn0bck+LCTS/+55XX0UkPgZ8hJCchLRBRKS3I0aMCefEoMcRHL3ydUiHSUGktTlGpzAX7ASaZc0pBi3JCkqejuufXgt/yTey8KuRN2q7xQfDkg9GQLdLPHIrhvUkp6eAc+VMtqeeTls7EqrqbTMZEA2IFLPSiT9kFIeRcXoGeBWFBibLQQIujhoG9aKWM6B0AGDkfsiF5VPb1cZhGd18USB5bsN1bYHN/lsB0YnDdbec=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_VI1PR0501MB225546F17933D62CA6587CF183A30VI1PR0501MB2255_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0501MB2526
X-OriginalArrivalTime: 28 Aug 2019 03:18:26.0141 (UTC) FILETIME=[419570D0:01D55D4F]
X-Trailer: 1
X-GBS-PROC: rK1G4Urdq+2zyFHe1ppgE9iw3bLdpupsZBqDXP/sfJM=
X-GRP-TAN: IQNE01@B13859923D5A45139304C4103B49D1EF
X-iqsuite-process: processed
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT008.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:40.113.82.155; IPV:CAL; CTRY:IE; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(396003)(136003)(376002)(346002)(39860400002)(2980300002)(47680400002)(26234003)(199004)(189003)(6306002)(54896002)(478600001)(14454004)(55016002)(15974865002)(33964004)(52536014)(66574012)(86362001)(4326008)(486006)(26826003)(26005)(5660300002)(85202003)(2171002)(53936002)(71190400001)(33656002)(106002)(7696005)(70586007)(70206006)(14444005)(19627235002)(316002)(16586007)(110136005)(236005)(6506007)(85182001)(66066001)(606006)(9686003)(25786009)(561944003)(356004)(8676002)(74316002)(186003)(336012)(7736002)(2906002)(6116002)(102836004)(81156014)(3846002)(790700001)(81166006)(76176011)(99286004)(476003)(126002)(76130400001)(446003)(8936002)(11346002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM6PR05MB4183; H:iqsuite.endress.com; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; A:1; MX:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 3c6d98e0-c320-4d88-df23-08d72b66628c
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600166)(710020)(711020)(4605104)(4709080)(1401327)(2017052603328)(7193020); SRVR:AM6PR05MB4183;
X-MS-Exchange-PUrlCount: 3
X-Forefront-PRVS: 014304E855
X-Microsoft-Antispam-Message-Info: SMher6ldx9AQEhwZ+0mxgJ/zUT7l8n3hBkn6IrfmjP1lnuXicQU5aBOQ94pIfn8DxOkDIweJ4h9sl8DL0oV/5ezfZzTGaQmfdRpUJKPKHSK9Uy3vCbaA/JKpsmI+bHbIZYYG0eP8QUjFqbnzq7YqmNnj3sfmVzcwB5McXA7AA0WhiJn45GKed/gY/Amnghny8Rc6VLHLgHJzs5wdE/7YO0nLwgfNiXpUoeLizsveTtBMMJb75IeOrYqLfwMNhc3EKS+4BJDZwcD49o5m430gm8QQqqj6Nz6w9DKDc05cQ+u2N1DT8KxwXLn25Ma0Z7kLv/kkvZzdZv1jUWc0fTcNE6cQQdYk1pfLOmvzV79AbIks5uVezp4t36evgpigxMXDv+NZ/jECE/gsYEwIwqiJfjhMs1msroV3HIf1oz9K98c=
X-OriginatorOrg: endress.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Aug 2019 03:18:27.5273 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: ad58c853-e6b0-4c62-da0b-08d72b6664f1
X-MS-Exchange-CrossTenant-Id: 52daf2a9-3b73-4da4-ac6a-3f81adc92b7e
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; Ip=[40.113.82.155]; Helo=[iqsuite.endress.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR05MB4183
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/aWPrO7XeaV2OjQOPuQT_VmBZXp8>
Subject: Re: [Cfrg] OPAQUE at Facebook
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Aug 2019 03:18:41 -0000

Hi to all,

as one of the ones who nominated a candidate for augmented PAKE (AuCPace) I can confirm that the CFRG reviewers are presently very active and reviewing e.g. the proof strategies in detail. I agree that memory-hard password hashing should be used (in my proposal, I have suggested scrypt, but Argon2 is also a decent choice).

I also agree that we should really have a standardized protocol that mandates use of strong password hashes also for applications such as social media.

Yours,

Björn.


Mit freundlichen Grüßen I Best Regards 

Dr. Björn Haase 

Senior Expert Electronics | TGREH Electronics Hardware
Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | Germany
Phone: +49 7156 209 377 | Fax: +49 7156 209 221
bjoern.haase@endress.com |  www.conducta.endress.com 





Endress+Hauser Conducta GmbH+Co.KG
Amtsgericht Stuttgart HRA 201908
Sitz der Gesellschaft: Gerlingen
Persönlich haftende Gesellschafterin:
Endress+Hauser Conducta Verwaltungsgesellschaft mbH
Sitz der Gesellschaft: Gerlingen
Amtsgericht Stuttgart HRA 201929
Geschäftsführer: Dr. Manfred Jagiella

 
Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren, wenn wir personenbezogene Daten von Ihnen erheben.
Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis (https://www.endress.com/de/cookies-endress+hauser-website) nach.

 



Disclaimer: 

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. This e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer unless explicitly and conspicuously designated or stated as such.
 



Von: Cfrg <cfrg-bounces@irtf.org> Im Auftrag von Bill Cox
Gesendet: Mittwoch, 28. August 2019 02:47
An: Kevin Lewi <klewi@cs.stanford.edu>
Cc: IRTF CFRG <cfrg@irtf.org>
Betreff: Re: [Cfrg] OPAQUE at Facebook

It would be great to hear from this group on where the community
stands with the standardization of augmented PAKEs.

- Kevin

I, for one, would say great minds think alike :)  The OPAQUE RFC could use some tweeks, but looks pretty strong, IMO.  For example  they're recommendation of iterating a password hash should be replaced with calling Argon2.  Note that Argon2 runs pretty fast in browsers that support web assembly.  Password hashing has to be done client-side in OPAQUE, with the possible exception of using Makwa delegated hashing possibly in paraallel with the OPRF round-trip.