Re: [Cfrg] Round 2 of the PAKE selection process
"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Wed, 20 November 2019 16:21 UTC
Return-Path: <smyshsv@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3E54712088F for <cfrg@ietfa.amsl.com>; Wed, 20 Nov 2019 08:21:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tDqONlkMu5W5 for <cfrg@ietfa.amsl.com>; Wed, 20 Nov 2019 08:21:37 -0800 (PST)
Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com [IPv6:2a00:1450:4864:20::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D13612084B for <cfrg@irtf.org>; Wed, 20 Nov 2019 08:21:37 -0800 (PST)
Received: by mail-lj1-x234.google.com with SMTP id g3so28125483ljl.11 for <cfrg@irtf.org>; Wed, 20 Nov 2019 08:21:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=eeqR9UQC7zRy+Q2gx644HxDcAVvg0GYwxp1HhgfB0r8=; b=EudPBTVkXxNvAgrwaOxburYiXVangkHDC1DfZAJRhmb59jqcQPCQ1Iv4yX0z82KhPO N1UcuyTpMenXxn4/a6NUnIaUqljaKuMDNRk0BUJksTPGcidYLItu7BXs//il1eB9Do0P advXYBhFCI6r0Mi+QWArW170EJRixjo1KgdQ9kmQjnk6ykvGJKesDLEwvZrIZWsGNMUF MxdHQJmjdHFnshoA+2PwoJncJTXcDEETOgnsJtZS+4sw25isPmJ6IqUubSjdvUnJhQ7G g/trlDlaWoHY8Tsa7gsj9oj0SIpS+DS9m4XCABHMTzTxmVv96rCOvAFyYOpPrqOV87E3 mqog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=eeqR9UQC7zRy+Q2gx644HxDcAVvg0GYwxp1HhgfB0r8=; b=k99cpBNDsqZS46SEIQdtZmVeParIKa4bmLvWgBXLYgRw824LeDWMVh/XDQw+WiUuTA cyOy/xkx4blHzK+5PcwPLU64kV1zBNURDiT0bKz48Wr9oB0mMmz7ukeKdws1IOnM9O4f ArNW7YYaxeur5SjGkScgtjCTNWbGupv3J7upvuwu+uEcEp1/0uSVf3a6eL4jP3Lkh3ji P8yMokrf8j3ODyieOlGSDgIVymmeNqDrM1tW45Abga3uP7KAw2vs5N/iGWCIvraW0dPg TUm+J4mNVXRlIjDEJG6K6oybJ1uQbh21q24thKV/TVbc2dtd5DTP/hBYD454gQCpzoAU kueg==
X-Gm-Message-State: APjAAAVy90XulJ5UX1DzpSfO5elZ+p+q9PLireFCyKBwaHXx4BMpxuAU Jg3f0E3dcMQ49gA+7C8sHxGxcITssyjv7Q57isR7m0pkU+c=
X-Google-Smtp-Source: APXvYqw60XMJlLPb9Sn9ua7mDHoadO1/ukMcnaf4J+eBDi9bIaoeXoNSBk7uFAZIHs9Yq35tNXse7uLkPbDV8pp9+K8=
X-Received: by 2002:a2e:9106:: with SMTP id m6mr3579906ljg.146.1574266894532; Wed, 20 Nov 2019 08:21:34 -0800 (PST)
MIME-Version: 1.0
References: <CAMr0u6nPQxO5X1Txoeh5X7jN=eHscRCBH0HJW=3tbqUdjn8N4Q@mail.gmail.com> <BA639DCD-B3B9-40BD-AF6D-1A4CE9425A03@live.warwick.ac.uk> <CAMr0u6mDx_NnvJq_LpRZSBkWe707mn=HBrELeXsjYXvTTMtzRw@mail.gmail.com>
In-Reply-To: <CAMr0u6mDx_NnvJq_LpRZSBkWe707mn=HBrELeXsjYXvTTMtzRw@mail.gmail.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Wed, 20 Nov 2019 19:21:24 +0300
Message-ID: <CAMr0u6n2Hp-h_hey=Z7ucjSWCV+0pYovtYbW0SX0f9Hw4Rqn4A@mail.gmail.com>
To: CFRG <cfrg@irtf.org>
Content-Type: multipart/alternative; boundary="00000000000007c8390597c9936e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/obF7SYMJ8Lvwj92sUkibDWNPCK0>
Subject: Re: [Cfrg] Round 2 of the PAKE selection process
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2019 16:21:40 -0000
To eliminate any possible misunderstanding: "the Crypto Review Panel member reviews" in my previous message = the four overall reviews provided by the Crypto Review Panel experts: https://github.com/cfrg/pake-selection#overall-reviews-by-crypto-review-panel Regards, Stanislav ср, 20 нояб. 2019 г. в 13:43, Stanislav V. Smyshlyaev <smyshsv@gmail.com>: > Dear Feng, > > The decision was made based on the Crypto Review Panel member reviews > (which in turn were based on partial reviews by independent experts), which > are available at > https://github.com/cfrg/pake-selection (see “Overall reviews by Crypto > Review Panel”). > > Best regards, > Stanislav > > ср, 20 нояб. 2019 г. в 18:29, Hao, Feng <Feng.Hao@warwick.ac.uk>: > >> Dear Stanislav (and the review panel), >> >> >> >> Many thanks for the update. >> >> >> >> For the benefits of openness and transparency, can you give reasons why >> these four were selected and the rest were removed? I couldn’t find those >> on your slides. >> >> >> >> I’m sure that’ll be helpful for people on the CRFG to understand better >> this selection process. >> >> >> >> Cheers, >> >> Feng >> >> >> >> *From: *Cfrg <cfrg-bounces@irtf.org> on behalf of "Stanislav V. >> Smyshlyaev" <smyshsv@gmail.com> >> *Date: *Wednesday, 20 November 2019 at 06:02 >> *To: *"cfrg@irtf.org" <cfrg@irtf.org> >> *Cc: *"cfrg-chairs@ietf.org" <cfrg-chairs@ietf.org> >> *Subject: *[Cfrg] Round 2 of the PAKE selection process >> >> >> >> Dear CFRG, >> >> >> >> As we've announced at the CFRG session today, now we're starting the >> Round 2 of the PAKE selection process. >> >> >> >> We have narrowed down choices to: two balanced (SPAKE2 and CPace) and two >> augmented (OPAQUE and AuCPace). >> >> >> >> Some additional information can be found in my slides from the IETF 106 >> CFRG meeting: >> >> >> https://datatracker.ietf.org/meeting/106/materials/slides-106-cfrg-pake-selection-update >> >> >> >> >> Please take a look at the plan and especially at Stage 1 - please send >> your additional questions to be considered at Round 2 to >> crypto-panel@irtf.org until December, 5th. >> >> >> >> Round 2 of the PAKE selection process >> >> Stage 1: November, 21st - December, 5th >> >> Additional questions for all four candidates are collected from CFRG >> participants (and Crypto Review Panel members). The questions can be of >> one of possible types: >> >> a) Requests for clarifications for the candidate protocols or their >> proposed modifications (e.g., security of CPace and AuCPace without >> negotiation of sid, security and convenient of SPAKE2 with a hash2curve >> function used to obtain M and N for each pair of identifiers). >> >> b) Questions to be taken into account in addition to ones collected at >> Stage 1 of Round 1 (e.g., quantum annoyance, post-quantum preparedness). >> >> The questions should be sent to crypto-panel@irtf.org. >> >> >> >> Stage 2: December, 10th - December, 17th >> >> A list of new questions is published on >> https://github.com/cfrg/pake-selection; the CFRG is asked whether >> anything else should be added. >> >> >> >> Stage 3: December 25th - February, 10th >> >> The authors of the candidates prepare their replies to the additional >> questions/requested clarifications. >> >> >> >> Stage 4: February, 12th - March, 10th >> >> Crypto Review Panel members prepare new overall reviews (for all 4 >> remaining PAKEs) taking into account both the reviews obtained on Round 1 >> and new information obtained during Round 2. >> >> >> >> IETF 107: >> >> The CFRG chairs discuss the obtained reviews and make their >> recommendations to CFRG (or convey to CFRG that they can’t make a >> recommendation yet). >> >> If everything is clear: >> - one (or zero) balanced PAKE is selected; >> >> - one (or zero) augmented PAKE is selected; >> >> - the process with CFRG document “Recommendations for password-based >> authenticated key establishment in IETF protocols” is initiated: all >> practically important recommendations (parameter selection, protecting >> implementations against side-channel attacks, handling of counters etc.) >> must be given there. >> >> >> >> Best regards, >> >> Stanislav Smyshlyaev >> >> CFRG Secretary >> > -- > > С уважением, > > Станислав Смышляев, к.ф.-м.н., > > Заместитель генерального директора > > ООО «КРИПТО-ПРО» > >
- [Cfrg] Round 2 of the PAKE selection process Stanislav V. Smyshlyaev
- Re: [Cfrg] Round 2 of the PAKE selection process Hao, Feng
- Re: [Cfrg] Round 2 of the PAKE selection process Stanislav V. Smyshlyaev
- Re: [Cfrg] Round 2 of the PAKE selection process Hao, Feng
- Re: [Cfrg] Round 2 of the PAKE selection process Stanislav V. Smyshlyaev
- Re: [Cfrg] Round 2 of the PAKE selection process Hao, Feng
- Re: [Cfrg] Round 2 of the PAKE selection process Stanislav V. Smyshlyaev
- Re: [Cfrg] Round 2 of the PAKE selection process Hao, Feng
- Re: [Cfrg] Round 2 of the PAKE selection process Stanislav V. Smyshlyaev
- Re: [Cfrg] Round 2 of the PAKE selection process Hao, Feng
- Re: [Cfrg] Round 2 of the PAKE selection process Stanislav V. Smyshlyaev