Re: [Cfrg] Review of the Balanced PAKE proposals // Session ID handling
Björn Haase <bjoern.haase@endress.com> Mon, 16 September 2019 11:28 UTC
Return-Path: <bjoern.haase@endress.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB3C4120019 for <cfrg@ietfa.amsl.com>; Mon, 16 Sep 2019 04:28:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=endress.com header.b=M7dM2Eee; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=endress.com header.b=xn5sH0Sh
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C7ey828MwUEq for <cfrg@ietfa.amsl.com>; Mon, 16 Sep 2019 04:28:50 -0700 (PDT)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140047.outbound.protection.outlook.com [40.107.14.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2138F120836 for <cfrg@irtf.org>; Mon, 16 Sep 2019 04:28:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=djzQuca+RjovCBSqAEkHNz2OMAtzqb7IzbHINihHKPw=; b=M7dM2Eeedr6FDfdJqzdBoYTpegvw7Gn8aukYPVJXAeUFR2cCv3Gr2df7CDTygkAoGDjukHSN9T5I5pDoyABk66SWWz61C4wCUJ7oky73+9OESKMknGl0JyR442maSkiqfhI8D7kdWtBiCsr4mUMy4VmxBC/lxiIDZy3x4lCGcPQ=
Received: from AM4PR0501CA0062.eurprd05.prod.outlook.com (2603:10a6:200:68::30) by VI1PR05MB6030.eurprd05.prod.outlook.com (2603:10a6:803:e7::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.23; Mon, 16 Sep 2019 11:28:46 +0000
Received: from DB5EUR03FT047.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::206) by AM4PR0501CA0062.outlook.office365.com (2603:10a6:200:68::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.17 via Frontend Transport; Mon, 16 Sep 2019 11:28:46 +0000
Authentication-Results: spf=pass (sender IP is 40.68.44.165) smtp.mailfrom=endress.com; irtf.org; dkim=fail (body hash did not verify) header.d=endress.com;irtf.org; dmarc=pass action=none header.from=endress.com;
Received-SPF: Pass (protection.outlook.com: domain of endress.com designates 40.68.44.165 as permitted sender) receiver=protection.outlook.com; client-ip=40.68.44.165; helo=iqsuite.endress.com;
Received: from iqsuite.endress.com (40.68.44.165) by DB5EUR03FT047.mail.protection.outlook.com (10.152.21.232) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2263.14 via Frontend Transport; Mon, 16 Sep 2019 11:28:46 +0000
Received: from mail pickup service by iqsuite.endress.com with Microsoft SMTPSVC; Mon, 16 Sep 2019 13:28:45 +0200
Received: from EUR02-VE1-obe.outbound.protection.outlook.com ([104.47.6.57]) by iqsuite.endress.com over TLS secured channel with Microsoft SMTPSVC(8.5.9600.16384); Mon, 16 Sep 2019 13:28:44 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jfIY3kiGgxmKqxJP6zBFO8GFu7MmDJ6AYsgtlXEfDgB9UnZJtL4y49dQxmYsx/8zF3ho5wHETTIxWjOre8wcidjewrhmOGNBAkv8fmUWQO2WMuPtLO17e2e1it7zDpW4gPmmhhgW82wC8ZLQ8C+JNJOdPlVKUQCRrmXbd4+JwfGzX1UBc2VUQTQAw7qXgkowG2+dfkIrgIr0gBt+HL5dObvnl07mGaNrT8I16UYD0bsOqoRME/+gUUJe+3OEm7urtf5W1TMizbWhJgEEdCYFfJHwT01aZPP5gp5Y+y2Nja2SrIl7GikBWHCbIrvorcO/HR/1QLzWSYqUkGXFnJzpJw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WqQz/IAtAQqjFzuRsteqybUlgrhYUkSNy5qFZkDcBAw=; b=V5JDRSgbCu1r/Og+3y7C97zEIKcULHoJz0eibZf/7mDLC0lcQgKApCjQLVwB63OQA8QQSrWotxsddYOiD+B7eSo28NXonsRkFnYbMl7qIhJ0R9nmtWaO3uBNdISPfyn3lnhZyuswCJIas5gsJEg0Ef78dODr5h0FPDPMyExlOA70exu4k3a8cxaPtSmpDSDnr2kHZo+5QgVAVIW+cmILEEoAS3xT2cZrx8wZ7SM4YTMzL5HhR/M2rRv31PGuAVNfnrAqV9NGkd6j9qAYxx/6MEmVmMrUv82QYuvsGVyovM8GP+dOEMbOHbOhiKN0DheaF3YADPiFajlRej1WQRh/QQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=endress.com; dmarc=pass action=none header.from=endress.com; dkim=pass header.d=endress.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WqQz/IAtAQqjFzuRsteqybUlgrhYUkSNy5qFZkDcBAw=; b=xn5sH0ShCunHONoxBqWNVEqbtDrfMnjX+VjN1YsTbo3aAnyR8vIppR0cSMvDwa6UAZWyu53S3cMNXSZkqPU5jal9/aGZxkCevzEU7wXlqdLj3i0tpB2oEnF/0XuBiab0Surkt2e5aTbmx9k52bwIbFr03xRYuvDMdH1UxvR1HLo=
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com (10.169.135.11) by VI1PR0501MB2605.eurprd05.prod.outlook.com (10.168.137.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.13; Mon, 16 Sep 2019 11:28:43 +0000
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::2027:2a2:adcd:1425]) by VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::2027:2a2:adcd:1425%3]) with mapi id 15.20.2263.023; Mon, 16 Sep 2019 11:28:43 +0000
From: Björn Haase <bjoern.haase@endress.com>
To: Karthik Bhargavan <karthikeyan.bhargavan@inria.fr>, "cfrg-chairs@ietf.org" <cfrg-chairs@ietf.org>
CC: "cfrg@irtf.org" <cfrg@irtf.org>, Bruno Blanchet <bruno.blanchet@inria.fr>
Thread-Topic: [Cfrg] Review of the Balanced PAKE proposals // Session ID handling
Thread-Index: AdVsgbSGK+zp/X/lRJKYdWbD6rRBpw==
Content-Class:
Date: Mon, 16 Sep 2019 11:28:43 +0000
Message-ID: <VI1PR0501MB225563959A22D244E673D6D4838C0@VI1PR0501MB2255.eurprd05.prod.outlook.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Enabled=True; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SiteId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Owner=bjoern.haase@endress.com; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SetDate=2019-09-16T11:28:42.0784532Z; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Name=Not Protected; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Application=Microsoft Azure Information Protection; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_ActionId=a604694f-6c0d-461a-bae8-4fbd0007a163; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Extended_MSFT_Method=Automatic
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=bjoern.haase@endress.com;
x-originating-ip: [92.75.65.225]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: 1814197c-7521-48b7-2a8d-08d73a99099d
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:VI1PR0501MB2605;
X-MS-TrafficTypeDiagnostic: VI1PR0501MB2605:|VI1PR05MB6030:
X-MS-Exchange-PUrlCount: 4
X-Microsoft-Antispam-PRVS: <VI1PR05MB60305894B56580D27A6C18BB838C0@VI1PR05MB6030.eurprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;OLM:8273;
x-forefront-prvs: 0162ACCC24
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(396003)(366004)(39860400002)(376002)(346002)(136003)(189003)(199004)(476003)(6436002)(6506007)(256004)(55016002)(7696005)(14444005)(86362001)(606006)(99286004)(102836004)(3846002)(14454004)(66066001)(790700001)(6116002)(7736002)(74316002)(2906002)(316002)(110136005)(66574012)(52536014)(85182001)(54906003)(5660300002)(71190400001)(26005)(478600001)(8936002)(2501003)(186003)(413944005)(66476007)(71200400001)(8676002)(85202003)(66946007)(66446008)(81156014)(64756008)(81166006)(486006)(66556008)(966005)(76116006)(561944003)(6306002)(54896002)(9686003)(236005)(25786009)(19627235002)(53936002)(4326008)(33656002); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0501MB2605; H:VI1PR0501MB2255.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: endress.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: N6y9FpkAZ+Pz1C0REzZhBkLB8ok/pyN87xEwDcYmObR/XAc5EO8A6qIbwgRUBmnH6Oee1OlEgAcTfDBoQ1iyDAkHAuCSa7FV2lkO1ful943/nwb/MwITX33eUoDnKzqiUTmyuXtNiBRybIsRGWI3GbAihQHa2OwMVRv6/JMs4TAhMDiV+7p/8sW6YP2PoXughTzKuMqZZv1jKwt2xCagF5XEfqdZgS8KZfWE48//vfbf93TBUVbsbL2kRA50GLtT4G2JutUgNDNETf9Wup4Ub7mcCK3oBagMKcflDeD/iyRLh2kuUTRxttVYXjgJFZDzMtHgW3GBS+BmAKuJ7UPZVx1C7SLD+Tg3tnyF5ZX6MyLaBfT4KsrhDsXuhecV4O1+aUV5dc3zl/cmIEgwvLJDl7ICRHNUaWweClkhNmNiDOU=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_VI1PR0501MB225563959A22D244E673D6D4838C0VI1PR0501MB2255_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0501MB2605
X-OriginalArrivalTime: 16 Sep 2019 11:28:44.0478 (UTC) FILETIME=[E620ADE0:01D56C81]
X-Trailer: 1
X-GBS-PROC: PhpuWBZs8Mhp8Dz2e38ydFw026GUUPT3iZFreqg9kME=
X-GRP-TAN: IQWE01@D8743D0FA96B48D5976410BEBAB84DD8
X-iqsuite-process: processed
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT047.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:40.68.44.165; IPV:CAL; CTRY:NL; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(136003)(396003)(376002)(346002)(39860400002)(26234003)(189003)(199004)(70586007)(53936002)(7736002)(25786009)(478600001)(26826003)(66574012)(8676002)(336012)(81166006)(81156014)(86362001)(126002)(2906002)(74316002)(71190400001)(476003)(106002)(66066001)(26005)(15974865002)(5660300002)(4326008)(413944005)(966005)(356004)(186003)(30864003)(6306002)(6506007)(54906003)(85182001)(107886003)(316002)(8936002)(54896002)(70206006)(52536014)(55016002)(236005)(9686003)(85202003)(561944003)(486006)(99286004)(19627235002)(7696005)(790700001)(33964004)(6116002)(606006)(3846002)(14454004)(76130400001)(110136005)(102836004)(16586007)(2501003)(33656002)(14444005); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR05MB6030; H:iqsuite.endress.com; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; MX:1; A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 2acb11f0-a95b-4a09-a823-08d73a99080e
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(710020)(711020)(4605104)(4709080)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:VI1PR05MB6030;
X-Forefront-PRVS: 0162ACCC24
X-Microsoft-Antispam-Message-Info: ePfUWdPs/sL4zaFbP38UogpyhLR95Upwi6hRdLupVruvIJVMV9glS0HeM/qAOooNEcW42taoasEjClZPe9DkJAUDZSsLtFVmOxT8sYZV6dXkl9EZX3ukOTgeySB6ZWT9UssANnECc32RpDNYb0wphL5bY0sq37ZbhA7cAUu+V8ykY9JqSBhBSs9uWEtcPX+cMQO5GMZL6H485f4pmJFmA7In89FVYxyGP1CBJ7O8FIyh9mipnj37DWqLc3BDPXxOaZq4hHYZoq+T/r3qmd+Enj5UGlTf7hqNXGrxlzy3RhrIqJkcGspE8DHv5UokBzj2T2tdAJxy0XmqhE+1bS0hc7JnnORnRIiES1s6gpGmTWnC0OHZ4LoFEJzX6s20jFpathdEU+aC78iIv/WJoaJ7DCDH4DiotxBSZsrqt54P7sI=
X-OriginatorOrg: endress.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Sep 2019 11:28:46.1376 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 1814197c-7521-48b7-2a8d-08d73a99099d
X-MS-Exchange-CrossTenant-Id: 52daf2a9-3b73-4da4-ac6a-3f81adc92b7e
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; Ip=[40.68.44.165]; Helo=[iqsuite.endress.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR05MB6030
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/qbyRMrPR0YyH1k3llscSYEBiKE0>
Subject: Re: [Cfrg] Review of the Balanced PAKE proposals // Session ID handling
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Sep 2019 11:28:55 -0000
Dear Karthik, I would like to respond to your questions. I will add some of the CFRG reviewers on the CC list because the issue that you have brought up regarding the session ids is exactly what I have been discussing with them. >CPace ====== > >CPace can be considered a variant of SPEKE and the proposal includes a full security >proof in the Universal Composability (UC) framework [3]. >We did not check the proof in detail but have no reason to believe it is flawed. There was the need for some fixes and clarification (see e.g. the review of Björn Tackmann) but in my opinion there is no serious flaw remaining for CPace if we add the requirement to Map2Point that the image of Map2Point is not significantly smaller than the order of the DH group. I am working on a revision that is sorting out the remaining aspects. >Unfortunately, features of the proof appear to leak into the protocol design which >make it difficult to understand how the concrete protocol will be deployed. >The protocol in Figure 4 includes a first round to establish a session identifier, >making CPace into a 2 round protocol. >If this first round is included, then CPace would not be suitable for TLS 1.3, >so understanding its need is essential. Yes I agree and for this precise aspect, I am in a closer discussion with both, the authors of OPAQUE and people from the crypto review panel in order to sort this out. Note that the session-id complexity is a topic that comes with any security analysis in the UC framework and is relevant also for the augmented protocol AuCPace and OPAQUE. >The assumptions on this identifier are unclear to us: is it just a proof artefact? >does removing it introduce a concrete attack? I am not aware of any concrete attack. Part of the session id topic should probably be considered a technical proof artefact. It is my conviction that in any case CPace without ephemeral session id will be no less secure than SPEKE, but one might actually be loosing some of the composability guarantees. Note that because of the importance of this aspect, I have add my own assessment as part of the presentation at CHES 2019 in August. The sid topic is discussed on the slides https://ches.iacr.org/2019/src/slides/Day3/Session13_IOTSec/Paper2_Session13_Presentation_AuCPace_CHES2019.pdf starting at page #53. I’d appreciate the feedback and comment of the crypto review panel members here, since I believe that they will be having more insight than I do. In my opinion this topic is related to the fact that we have to use joint state in combination with a global RO. I’d also appreciate your opinion on slides 69ff. >The authors say "Hashing CI into G allows us to fend off certain types of relay attacks”. >What are these attacks? Are they practical? Yes. Imagine for instance that you have two servers A,B that use the same password but have different IP addresses and port numbers. Assume that you have one client that believes that it is connected to server A but in fact the adversary relays the communication to server B. By including the CI as the port numbers and IP addresses of both parties fends of the attack. In case that you use explicit key confirmation and incorporate the information on the two parties into the final hash for the key confirmation (as you do for TLS), there is no need for CI. Still CPace is designed to be also suitable also in a setting where you have security *without* any key confirmation and there it is helpful to integrate this information into the CI. Possibly, you might want to authenticate other associate data. >The authors also say that "In the context of TCP/IP, the CI might be constructed by concatenating unique representations >of the server’s and client’s IP address and TCP port numbers.” Yes, as I have discussed above. I believe that this feature is particularly suitable and helpful if a construction uses implicit authentication without explicit key confirmation. >This seems to indicate that uniqueness across CPace sessions is the only property desired for the CI. Is this the case? No. The CI is designed for authenticating any possibly important information and the purpose of this field is: Implicit authentication of some associated data if you don’t want to add explicit key confirmation. If you have key confirmation you could also choose to Include this information there. Note that when including the information in the CI, you might spare some bytes of memory. In our constrained server setting this advantage is helpful (~64 bytes of the precious RAM were saved). >The proof appears to rely on the ssid being derived from fresh random values “s” and “t” generated >by both parties, and TCP/IP addresses are definitely not fresh random values in practice. Yes. This is the topic I have also explicitly addressed to some of the crypto review panel members (and added them CC). >Would the proof still work if you used local counters for s and t? In my opinion yes. UC does not require anything but uniqueness, to my very best knowledge. >Also, how would the authors envision this would work with other transport protocols like Quic or raw UDP? In this case if several concurrent sessions share the same UDP port on one peer, I’d see the need for a session ID for arranging for the local addressing at the host. Actually this is exactly what happens in the “ITM” touring machine setting in which the UC framework runs its simulations. (as depicted in my CHES slides mentioned above). There the internal addressing within the peers is done using the session ID. >Also: CPace does not specify key confirmation and it would be an important aspect to flesh out if the >protocol were to be integrated into TLS. The protocol does not require key confirmation. As pointed out, important information to be authenticated (such as the party identities A,C in the example above) could be integrated already in the CI field. Within the proof in its latest revised version (including the feedback from the CFRG reviewers), you will find out that there is a slight modification in the security guarantees for CPace with and without explicit key confirmation. This change in my opinion matches closely the difference between perfect and weak forward secrecy. (Note that according to the analysis of Hugo Krawczyk in his HQMV paper, any two-flow protocol without mutual key confirmation could not realize perfect forward secrecy but only weak forward secrecy.) Yours, Björn. Mit freundlichen Grüßen I Best Regards Dr. Björn Haase Senior Expert Electronics | TGREH Electronics Hardware Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | Germany Phone: +49 7156 209 377 | Fax: +49 7156 209 221 bjoern.haase@endress.com | www.conducta.endress.com Endress+Hauser Conducta GmbH+Co.KG Amtsgericht Stuttgart HRA 201908 Sitz der Gesellschaft: Gerlingen Persönlich haftende Gesellschafterin: Endress+Hauser Conducta Verwaltungsgesellschaft mbH Sitz der Gesellschaft: Gerlingen Amtsgericht Stuttgart HRA 201929 Geschäftsführer: Dr. Manfred Jagiella Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren, wenn wir personenbezogene Daten von Ihnen erheben. Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis (https://www.endress.com/de/cookies-endress+hauser-website) nach. Disclaimer: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. This e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer unless explicitly and conspicuously designated or stated as such.