Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG document
Paul Lambert <paul@marvell.com> Wed, 17 December 2014 23:17 UTC
Return-Path: <paul@marvell.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CCCC1A0010 for <cfrg@ietfa.amsl.com>; Wed, 17 Dec 2014 15:17:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.267
X-Spam-Level:
X-Spam-Status: No, score=-2.267 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z9UMk23C6vWr for <cfrg@ietfa.amsl.com>; Wed, 17 Dec 2014 15:17:04 -0800 (PST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5EEA41A0007 for <cfrg@irtf.org>; Wed, 17 Dec 2014 15:17:04 -0800 (PST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.14.5/8.14.5) with SMTP id sBHNF8IR023899; Wed, 17 Dec 2014 15:16:57 -0800
Received: from sc-owa04.marvell.com ([199.233.58.150]) by mx0b-0016f401.pphosted.com with ESMTP id 1rb9kr1kt9-1 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 17 Dec 2014 15:16:57 -0800
Received: from SC-vEXCH2.marvell.com ([10.93.76.134]) by SC-OWA04.marvell.com ([::1]) with mapi; Wed, 17 Dec 2014 15:16:56 -0800
From: Paul Lambert <paul@marvell.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Yoav Nir <ynir.ietf@gmail.com>, Alexey Melnikov <alexey.melnikov@isode.com>
Date: Wed, 17 Dec 2014 15:17:02 -0800
Thread-Topic: [Cfrg] Adoption of draft-ladd-spake2 as a RG document
Thread-Index: AdAYXcQrKr3j/+qMREaQ0KMyT5PxGwB8F4JA
Message-ID: <7BAC95F5A7E67643AAFB2C31BEE662D020E2116D1D@SC-VEXCH2.marvell.com>
References: <BF9DADF6-003F-454D-8E96-4A28A060CA72@isode.com> <A635D82B-B55C-4574-AB73-D0408853D642@gmail.com> <548ECB98.7060709@cs.tcd.ie>
In-Reply-To: <548ECB98.7060709@cs.tcd.ie>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.13.68, 1.0.33, 0.0.0000 definitions=2014-12-17_07:2014-12-17,2014-12-17,1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1412170232
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/ofED3ouIglTQBMyffh35VRXXz3A
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG document
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Dec 2014 23:17:07 -0000
] ]On 15/12/14 11:16, Yoav Nir wrote: ]> But I would really like to know who needs a PAKE right now. PAKEs ]> require the server to store the cleartext password or a password ]> equivalent, creating a security issue that is potentially worse than ]> sending cleartext passwords through authenticated channels (as in ]> form-based or basic authentication to a TLS-protected server) ] ]+many - PAKEs are IMO cool but mostly-useless crypto for exactly ]this reason (and before others disagree, yes, I know some folks ]disagree:-) If however, CFRG folk want to work on 'em I've no objection ]but just so you all know, there is no horde of IETFers waiting with ]bated breath for more PAKE protocol options. Yes there is ... The Wi-Fi industry needs a stable, open and broadly published version of the SAE protocol. Approval of the previously discussed draft-irtf-cfrg-dragonfly-05 would meet this need. Yes, it's not favored by some for the perceptions associated with the difficulty of construction of mathematically proof's for the protocols. Yes, Dragonfly is on a track to get wired into products and it would be very nice to have an open, concise and free (versus IEEE 802) specification of this one type of PAKE. While more stylish and acceptable by mathematicians, I see little value in SPAKE2. In this context I agree with your comment. There is not a good reason to create new applications of PAKE. There are better systems solutions where effort would be better spent. Paul ] ]There are to be fair a quite small number of sensible people who do ]figure there's a niche there to fill though (Dan H. for example but not ]sure who else), so I could of course be wrong about that. ]As I understand it, the niche Dan has in mind is for signing up to get a ]certificate in a PKI, where the password is used to authenticate the ]certificate request. Even in that case, I'm not convinced that PAKEs add ]value - esp since a one (or limited) time use password could be better ]there and requires no new crypto. ] ]It's also fair to say that the IETF hasn't ever done any kind of generic ]consensus call on the (lack of) value of PAKEs, and the IETF does have a ]history of adding PAKE options to protocols, (for some to me ]unfathomable reason:-) so the above is just my personal opinion. ] ]S. ] ]_______________________________________________ ]Cfrg mailing list ]Cfrg@irtf.org ]http://www.irtf.org/mailman/listinfo/cfrg
- [Cfrg] Adoption of draft-ladd-spake2 as a RG docu… Alexey Melnikov
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Rene Struik
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Watson Ladd
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Watson Ladd
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … David Leon Gil
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Alexey Melnikov
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Yoav Nir
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Alexey Melnikov
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Stephen Farrell
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Michael Hamburg
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Dan Harkins
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Watson Ladd
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Dan Harkins
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Derek Atkins
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Dan Harkins
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Andy Lutomirski
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Paul Lambert
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Watson Ladd
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Alexey Melnikov
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Alexey Melnikov
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Dan Harkins
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Paul Lambert
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Tom Yu
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Andy Lutomirski
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Dearlove, Christopher (UK)
- Re: [Cfrg] Point format endian (was: Adoption of … Alyssa Rowan
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Alexey Melnikov
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Adam Langley
- Re: [Cfrg] Adoption of draft-ladd-spake2 as a RG … Paul Lambert
- [Cfrg] On the topic of the SPAKE2 draft Paul Lambert
- Re: [Cfrg] Point format endian (was: Adoption of … Dan Harkins
- Re: [Cfrg] Point format endian (was: Adoption of … Watson Ladd
- Re: [Cfrg] Point format endian (was: Adoption of … Salz, Rich
- Re: [Cfrg] Point format endian (was: Adoption of … Dan Harkins
- Re: [Cfrg] Point format endian (was: Adoption of … Watson Ladd
- Re: [Cfrg] Point format endian (was: Adoption of … D. J. Bernstein
- Re: [Cfrg] Point format endian (was: Adoption of … Dan Harkins
- Re: [Cfrg] Point format endian (was: Adoption of … Mike Hamburg
- Re: [Cfrg] Point format endian (was: Adoption of … Salz, Rich
- Re: [Cfrg] Point format endian (was: Adoption of … Watson Ladd
- Re: [Cfrg] Point format endian (was: Adoption of … Andrey Jivsov
- Re: [Cfrg] Point format endian Alyssa Rowan
- Re: [Cfrg] Point format endian (was: Adoption of … Salz, Rich
- Re: [Cfrg] Point format endian (was: Adoption of … Damien Miller
- Re: [Cfrg] Point format endian (was: Adoption of … Dan Harkins
- Re: [Cfrg] Point format endian (was: Adoption of … Mike Hamburg
- Re: [Cfrg] Point format endian (was: Adoption of … Watson Ladd
- Re: [Cfrg] Point format endian (was: Adoption of … Yoav Nir
- Re: [Cfrg] Point format endian Michael Clark