[Cfrg] I-D for password-authenticated EAP method

"Dan Harkins" <dharkins@lounge.org> Sun, 10 February 2008 17:40 UTC

Return-Path: <cfrg-bounces@ietf.org>
X-Original-To: ietfarch-cfrg-archive@core3.amsl.com
Delivered-To: ietfarch-cfrg-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2355B3A6889; Sun, 10 Feb 2008 09:40:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.978
X-Spam-Level:
X-Spam-Status: No, score=-0.978 tagged_above=-999 required=5 tests=[AWL=-0.572, BAYES_20=-0.74, IP_NOT_FRIENDLY=0.334]
Received: from core3.amsl.com ([127.0.0.1]) by localhost (mail.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cGiHy+8Guznr; Sun, 10 Feb 2008 09:40:02 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4143F3A67EB; Sun, 10 Feb 2008 09:40:02 -0800 (PST)
X-Original-To: cfrg@core3.amsl.com
Delivered-To: cfrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DBBA13A67B2 for <cfrg@core3.amsl.com>; Sun, 10 Feb 2008 09:40:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from core3.amsl.com ([127.0.0.1]) by localhost (mail.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id txaaSDd+CmRJ for <cfrg@core3.amsl.com>; Sun, 10 Feb 2008 09:40:00 -0800 (PST)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by core3.amsl.com (Postfix) with ESMTP id 39D353A682C for <cfrg@ietf.org>; Sun, 10 Feb 2008 09:40:00 -0800 (PST)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id 395991FA6204 for <cfrg@ietf.org>; Sat, 9 Feb 2008 23:21:51 -0800 (PST)
Received: from 69.12.173.8 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Sat, 9 Feb 2008 23:21:51 -0800 (PST)
Message-ID: <1314.69.12.173.8.1202628111.squirrel@www.trepanning.net>
In-Reply-To: <E1JA8C3-0002cW-PM@megatron.ietf.org>
References: <E1JA8C3-0002cW-PM@megatron.ietf.org>
Date: Sat, 9 Feb 2008 23:21:51 -0800 (PST)
From: "Dan Harkins" <dharkins@lounge.org>
To: cfrg@ietf.org
User-Agent: SquirrelMail/1.4.8
MIME-Version: 1.0
X-Priority: 3 (Normal)
Importance: Normal
Subject: [Cfrg] I-D for password-authenticated EAP method
X-BeenThere: cfrg@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.ietf.org>
List-Unsubscribe: <http://www.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:cfrg@ietf.org>
List-Help: <mailto:cfrg-request@ietf.org?subject=help>
List-Subscribe: <http://www.ietf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: cfrg-bounces@ietf.org
Errors-To: cfrg-bounces@ietf.org

  Hello,

  There's a new draft in the Internet-Drafts database called
draft-harkins-emu-eap-pwd-00.txt. It describes a new EAP method
for authentication using only a password. I believe that it
provides resistance to active attack, passive attack, and
dictionary attack. It also provides forward secrecy and an
authenticated key (not just a shared key between authenticated
entities).

  I would greatly appreciate it if anyone on this list could take
a look at the exchange-- esp. sections 2.6.2 and 2.6.3, with the
notation from section 2.1-- and whether the analysis in section 6
is correct.

  regards,

  Dan.


_______________________________________________
Cfrg mailing list
Cfrg@ietf.org
http://www.ietf.org/mailman/listinfo/cfrg