IETF Logo Mail Archive

Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFRG document

"Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk> Fri, 29 January 2016 13:31 UTC

Return-Path: <Kenny.Paterson@rhul.ac.uk>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF1061ACCF5 for <cfrg@ietfa.amsl.com>; Fri, 29 Jan 2016 05:31:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RiMl0uDt60LY for <cfrg@ietfa.amsl.com>; Fri, 29 Jan 2016 05:31:03 -0800 (PST)
Received: from emea01-db3-obe.outbound.protection.outlook.com (mail-db3on0627.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe04::627]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BD22D1ACCF4 for <Cfrg@irtf.org>; Fri, 29 Jan 2016 05:31:02 -0800 (PST)
Received: from DBXPR03MB383.eurprd03.prod.outlook.com (10.141.10.15) by DBXPR03MB383.eurprd03.prod.outlook.com (10.141.10.15) with Microsoft SMTP Server (TLS) id 15.1.396.15; Fri, 29 Jan 2016 13:30:44 +0000
Received: from DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) by DBXPR03MB383.eurprd03.prod.outlook.com ([10.141.10.15]) with mapi id 15.01.0396.016; Fri, 29 Jan 2016 13:30:44 +0000
From: "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
To: Paul Grubbs <pag225@cornell.edu>, Grigory Marshalko <marshalko_gb@tc26.ru>
Thread-Topic: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFRG document
Thread-Index: AQHRWhZL9n6G/gkN5EO1rbDgyE+IZZ8SfkcA
Date: Fri, 29 Jan 2016 13:30:44 +0000
Message-ID: <D2D11991.614A3%kenny.paterson@rhul.ac.uk>
References: <D2C82E57.60B44%kenny.paterson@rhul.ac.uk> <6D05C894-4D0D-4089-B4C1-40DF4FDE6C63@shiftleft.org> <D2C83321.60B6A%kenny.paterson@rhul.ac.uk> <9f49e240b03d7b6156b0ed08912ef520@mail.tc26.ru> <CAKDPBw8VGQo3WJV2hSe3tM3Tzm+Xp6OE7hds-BK5Vcv9ai1S3g@mail.gmail.com>
In-Reply-To: <CAKDPBw8VGQo3WJV2hSe3tM3Tzm+Xp6OE7hds-BK5Vcv9ai1S3g@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.6.0.151221
authentication-results: cornell.edu; dkim=none (message not signed) header.d=none;cornell.edu; dmarc=none action=none header.from=rhul.ac.uk;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [134.219.148.47]
x-microsoft-exchange-diagnostics: 1; DBXPR03MB383; 5:fZM7Y6J/TGAszaL06ZAel/DPAsc9QgYIS+kgyzKnB3aO5ZN89R4jvblAVz5AIai9qOE+hWrz7qThJ4N1QkfbF6mP0lD51J1svfq/fzzByd3jC5SvCHJ5kZbTnO1QNuTRLtObRBvEBPfjx1FQLTnIlA==; 24:N6P4WIYsgOF/AIGGkqht3ZQ0cXh8fJwXXBChfQQCF3jjwgdQthCYpM5W8HF0Mt7iTFYU/89rW0zcN1zTMVYhGB0qRKmPOXNNw+S8i3CK6kc=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DBXPR03MB383;
x-ms-office365-filtering-correlation-id: 744b56c5-93af-480a-3789-08d328b06424
x-microsoft-antispam-prvs: <DBXPR03MB383AC09B80D7AB02FC0B2D5BCDB0@DBXPR03MB383.eurprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(32856632585715)(58933420132496);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001); SRVR:DBXPR03MB383; BCL:0; PCL:0; RULEID:; SRVR:DBXPR03MB383;
x-forefront-prvs: 083691450C
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(164054003)(479174004)(24454002)(377454003)(15975445007)(93886004)(4326007)(122556002)(77096005)(10400500002)(36756003)(5004730100002)(3660700001)(3280700002)(92566002)(5002640100001)(106116001)(551544002)(5001960100002)(3470700001)(40100003)(11100500001)(1220700001)(2171001)(4477795004)(66066001)(50986999)(54356999)(76176999)(5001770100001)(2950100001)(4001350100001)(6116002)(87936001)(19580395003)(189998001)(19580405001)(1096002)(586003)(74482002)(3846002)(102836003)(5008740100001)(86362001)(2906002)(83506001); DIR:OUT; SFP:1101; SCL:1; SRVR:DBXPR03MB383; H:DBXPR03MB383.eurprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
Content-Type: text/plain; charset="utf-8"
Content-ID: <A8F181A7EB79884BAA61D0BF5BF14558@eurprd03.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: rhul.ac.uk
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Jan 2016 13:30:44.7572 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2efd699a-1922-4e69-b601-108008d28a2e
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBXPR03MB383
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/mYMCI4VFN_gZA6FZj5IC1O7Pw1Q>
Cc: "cfrg@irtf.org" <Cfrg@irtf.org>
Subject: Re: [Cfrg] [MASSMAIL]Re: adopting Argon2 as a CFRG document
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jan 2016 13:31:06 -0000

Hi Paul, everyone,

I think there's general consensus here that we'd like the Argon2 team to
respond to the attacks as part of the CFRG process - and I am sure they'll
be doing so anyway for a wider audience. The chairs will reach out to the
team and find out what their plans are.

Regards

Kenny

On 28/01/2016 21:53, "Paul Grubbs" <pag225@cornell.edu> wrote:

>Would it be out of the question to ask the authors of Argon2 (or anybody,
>really) to do a more formal analysis of its space-hardness? It would be
>nice to have a proof (e.g. based on pebbling arguments) of some kind of
>time-space tradeoff for
> Argon2. 
>
>On Thu, Jan 28, 2016 at 3:39 PM, Grigory Marshalko
><marshalko_gb@tc26.ru> wrote:
>
>Indeed, the PHC competition has significantly contributed to the design
>and analysis of password-hashing schemes. It's a nice mixture of crypto
>and engineering. So it would be desirable to wait until we understand the
>limits of attacks and corresponding countermeasures.
>The article on baloon hashing is a significant step forward for
>understanding these issues.
>
>Regards,
>Grigory Marshalko,
>expert,
>Technical committee for standardisation "Cryptography and security
>mechanisms" (ТC 26)
>www.tc26.ru <http://www.tc26.ru>
>22 января 2016 г., 22:31, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
>написал:
>> Mike,
>>
>> Thanks. The authors of the Argon2 design may in due course tweak their
>> design to avoid the identified problems, or argue that they are not
>> sufficiently worrisome to warrant a change to the design.
>>
>> We definitely need to factor this in to our deliberations, and we will
>> take the time to do so. Let's see how it plays out...
>>
>> Regards
>>
>> Kenny
>>
>> On 22/01/2016 19:20, "Mike Hamburg" <mike@shiftleft.org> wrote:
>>
>>> We might want to hold off on Argon2 — at least on finalizing it — until
>>> the team has
>>> responded to (and hopefully mitigated) the issues mentioned at
>>> https://eprint.iacr.org/2016/027. Essentially the problem is that
>>>Argon2
>>> can be computed
>>> in less space than advertised. The team said that they are planning a
>>> response, cf
>>> 
>http://permalink.gmane.org/gmane.comp.security.phc/3606
><http://permalink.gmane.org/gmane.comp.security.phc/3606>
>>>
>>> Cheers,
>>> — Mike
>>>
>>> On Jan 22, 2016, at 11:10 AM, Paterson, Kenny
>>><Kenny.Paterson@rhul.ac.uk>
>>> wrote:
>>>
>>> Dear CFRG,
>>>
>>> Having received limited feedback either way from the group
>>>(specifically,
>>> one voice in favour), the CFRG chairs have decided to adopt
>>> 
>https://tools.ietf.org/html/draft-josefsson-argon2-00
><https://tools.ietf.org/html/draft-josefsson-argon2-00> as a CFRG
>document.
>>>
>>> If you have objections or concerns, please reply to this email or
>>>directly
>>> to CFRG chairs.
>>>
>>> Sincerely,
>>>
>>> Kenny Paterson (for the chairs)
>>>
>>> On 06/11/2015 11:47, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>
>>>wrote:
>>>
>>> Hi Stephen,
>>>
>>> Yes, the chairs are amenable to this. We've been keeping an eye on the
>>> password hashing competition and were planning a work item in this
>>>area.
>>>
>>> Any comments from the group, either supporting or objecting to us
>>>adopting
>>> this draft in the RG?
>>>
>>> Cheers,
>>>
>>> Kenny
>>>
>>> (for the chairs)
>>>
>>> On 06/11/2015 02:18, "Cfrg on behalf of Stephen Farrell"
>>> <cfrg-bounces@irtf.org on behalf of
>>> stephen.farrell@cs.tcd.ie> wrote:
>>>
>>> The password hashing competition has a winner and some folks
>>> in the openpgp wg are interested in using that winner. I guess
>>> this might be better processed via cfrg if folks are amenable
>>> to that.
>>>
>>> Thanks,
>>> S.
>>>
>>> _______________________________________________
>>> Cfrg mailing list
>>> Cfrg@irtf.org
>>> 
>https://www.irtf.org/mailman/listinfo/cfrg
><https://www.irtf.org/mailman/listinfo/cfrg>
>>
>> _______________________________________________
>> Cfrg mailing list
>> Cfrg@irtf.org
>> 
>https://www.irtf.org/mailman/listinfo/cfrg
><https://www.irtf.org/mailman/listinfo/cfrg>
>
>_______________________________________________
>Cfrg mailing list
>Cfrg@irtf.org
>https://www.irtf.org/mailman/listinfo/cfrg
>
>
>
>
>
>
>

v2.23.0 | Report a Bug | By Email