Re: [Cfrg] Review of the Balanced PAKE proposals // Session ID handling

Björn Haase <bjoern.haase@endress.com> Mon, 16 September 2019 11:28 UTC

Return-Path: <bjoern.haase@endress.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB3C4120019 for <cfrg@ietfa.amsl.com>; Mon, 16 Sep 2019 04:28:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_EXCESS_BASE64=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=endress.com header.b=M7dM2Eee; dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=endress.com header.b=xn5sH0Sh
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C7ey828MwUEq for <cfrg@ietfa.amsl.com>; Mon, 16 Sep 2019 04:28:50 -0700 (PDT)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-eopbgr140047.outbound.protection.outlook.com [40.107.14.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2138F120836 for <cfrg@irtf.org>; Mon, 16 Sep 2019 04:28:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=djzQuca+RjovCBSqAEkHNz2OMAtzqb7IzbHINihHKPw=; b=M7dM2Eeedr6FDfdJqzdBoYTpegvw7Gn8aukYPVJXAeUFR2cCv3Gr2df7CDTygkAoGDjukHSN9T5I5pDoyABk66SWWz61C4wCUJ7oky73+9OESKMknGl0JyR442maSkiqfhI8D7kdWtBiCsr4mUMy4VmxBC/lxiIDZy3x4lCGcPQ=
Received: from AM4PR0501CA0062.eurprd05.prod.outlook.com (2603:10a6:200:68::30) by VI1PR05MB6030.eurprd05.prod.outlook.com (2603:10a6:803:e7::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.23; Mon, 16 Sep 2019 11:28:46 +0000
Received: from DB5EUR03FT047.eop-EUR03.prod.protection.outlook.com (2a01:111:f400:7e0a::206) by AM4PR0501CA0062.outlook.office365.com (2603:10a6:200:68::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.17 via Frontend Transport; Mon, 16 Sep 2019 11:28:46 +0000
Authentication-Results: spf=pass (sender IP is 40.68.44.165) smtp.mailfrom=endress.com; irtf.org; dkim=fail (body hash did not verify) header.d=endress.com;irtf.org; dmarc=pass action=none header.from=endress.com;
Received-SPF: Pass (protection.outlook.com: domain of endress.com designates 40.68.44.165 as permitted sender) receiver=protection.outlook.com; client-ip=40.68.44.165; helo=iqsuite.endress.com;
Received: from iqsuite.endress.com (40.68.44.165) by DB5EUR03FT047.mail.protection.outlook.com (10.152.21.232) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2263.14 via Frontend Transport; Mon, 16 Sep 2019 11:28:46 +0000
Received: from mail pickup service by iqsuite.endress.com with Microsoft SMTPSVC; Mon, 16 Sep 2019 13:28:45 +0200
Received: from EUR02-VE1-obe.outbound.protection.outlook.com ([104.47.6.57]) by iqsuite.endress.com over TLS secured channel with Microsoft SMTPSVC(8.5.9600.16384); Mon, 16 Sep 2019 13:28:44 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jfIY3kiGgxmKqxJP6zBFO8GFu7MmDJ6AYsgtlXEfDgB9UnZJtL4y49dQxmYsx/8zF3ho5wHETTIxWjOre8wcidjewrhmOGNBAkv8fmUWQO2WMuPtLO17e2e1it7zDpW4gPmmhhgW82wC8ZLQ8C+JNJOdPlVKUQCRrmXbd4+JwfGzX1UBc2VUQTQAw7qXgkowG2+dfkIrgIr0gBt+HL5dObvnl07mGaNrT8I16UYD0bsOqoRME/+gUUJe+3OEm7urtf5W1TMizbWhJgEEdCYFfJHwT01aZPP5gp5Y+y2Nja2SrIl7GikBWHCbIrvorcO/HR/1QLzWSYqUkGXFnJzpJw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WqQz/IAtAQqjFzuRsteqybUlgrhYUkSNy5qFZkDcBAw=; b=V5JDRSgbCu1r/Og+3y7C97zEIKcULHoJz0eibZf/7mDLC0lcQgKApCjQLVwB63OQA8QQSrWotxsddYOiD+B7eSo28NXonsRkFnYbMl7qIhJ0R9nmtWaO3uBNdISPfyn3lnhZyuswCJIas5gsJEg0Ef78dODr5h0FPDPMyExlOA70exu4k3a8cxaPtSmpDSDnr2kHZo+5QgVAVIW+cmILEEoAS3xT2cZrx8wZ7SM4YTMzL5HhR/M2rRv31PGuAVNfnrAqV9NGkd6j9qAYxx/6MEmVmMrUv82QYuvsGVyovM8GP+dOEMbOHbOhiKN0DheaF3YADPiFajlRej1WQRh/QQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=endress.com; dmarc=pass action=none header.from=endress.com; dkim=pass header.d=endress.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=endress.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WqQz/IAtAQqjFzuRsteqybUlgrhYUkSNy5qFZkDcBAw=; b=xn5sH0ShCunHONoxBqWNVEqbtDrfMnjX+VjN1YsTbo3aAnyR8vIppR0cSMvDwa6UAZWyu53S3cMNXSZkqPU5jal9/aGZxkCevzEU7wXlqdLj3i0tpB2oEnF/0XuBiab0Surkt2e5aTbmx9k52bwIbFr03xRYuvDMdH1UxvR1HLo=
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com (10.169.135.11) by VI1PR0501MB2605.eurprd05.prod.outlook.com (10.168.137.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.13; Mon, 16 Sep 2019 11:28:43 +0000
Received: from VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::2027:2a2:adcd:1425]) by VI1PR0501MB2255.eurprd05.prod.outlook.com ([fe80::2027:2a2:adcd:1425%3]) with mapi id 15.20.2263.023; Mon, 16 Sep 2019 11:28:43 +0000
From: Björn Haase <bjoern.haase@endress.com>
To: Karthik Bhargavan <karthikeyan.bhargavan@inria.fr>, "cfrg-chairs@ietf.org" <cfrg-chairs@ietf.org>
CC: "cfrg@irtf.org" <cfrg@irtf.org>, Bruno Blanchet <bruno.blanchet@inria.fr>
Thread-Topic: [Cfrg] Review of the Balanced PAKE proposals // Session ID handling
Thread-Index: AdVsgbSGK+zp/X/lRJKYdWbD6rRBpw==
Content-Class:
Date: Mon, 16 Sep 2019 11:28:43 +0000
Message-ID: <VI1PR0501MB225563959A22D244E673D6D4838C0@VI1PR0501MB2255.eurprd05.prod.outlook.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Enabled=True; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SiteId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Owner=bjoern.haase@endress.com; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_SetDate=2019-09-16T11:28:42.0784532Z; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Name=Not Protected; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Application=Microsoft Azure Information Protection; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_ActionId=a604694f-6c0d-461a-bae8-4fbd0007a163; MSIP_Label_2988f0a4-524a-45f2-829d-417725fa4957_Extended_MSFT_Method=Automatic
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=bjoern.haase@endress.com;
x-originating-ip: [92.75.65.225]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-Correlation-Id: 1814197c-7521-48b7-2a8d-08d73a99099d
X-Microsoft-Antispam-Untrusted: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:VI1PR0501MB2605;
X-MS-TrafficTypeDiagnostic: VI1PR0501MB2605:|VI1PR05MB6030:
X-MS-Exchange-PUrlCount: 4
X-Microsoft-Antispam-PRVS: <VI1PR05MB60305894B56580D27A6C18BB838C0@VI1PR05MB6030.eurprd05.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;OLM:8273;
x-forefront-prvs: 0162ACCC24
X-Forefront-Antispam-Report-Untrusted: SFV:NSPM; SFS:(10009020)(4636009)(396003)(366004)(39860400002)(376002)(346002)(136003)(189003)(199004)(476003)(6436002)(6506007)(256004)(55016002)(7696005)(14444005)(86362001)(606006)(99286004)(102836004)(3846002)(14454004)(66066001)(790700001)(6116002)(7736002)(74316002)(2906002)(316002)(110136005)(66574012)(52536014)(85182001)(54906003)(5660300002)(71190400001)(26005)(478600001)(8936002)(2501003)(186003)(413944005)(66476007)(71200400001)(8676002)(85202003)(66946007)(66446008)(81156014)(64756008)(81166006)(486006)(66556008)(966005)(76116006)(561944003)(6306002)(54896002)(9686003)(236005)(25786009)(19627235002)(53936002)(4326008)(33656002); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR0501MB2605; H:VI1PR0501MB2255.eurprd05.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: endress.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info-Original: N6y9FpkAZ+Pz1C0REzZhBkLB8ok/pyN87xEwDcYmObR/XAc5EO8A6qIbwgRUBmnH6Oee1OlEgAcTfDBoQ1iyDAkHAuCSa7FV2lkO1ful943/nwb/MwITX33eUoDnKzqiUTmyuXtNiBRybIsRGWI3GbAihQHa2OwMVRv6/JMs4TAhMDiV+7p/8sW6YP2PoXughTzKuMqZZv1jKwt2xCagF5XEfqdZgS8KZfWE48//vfbf93TBUVbsbL2kRA50GLtT4G2JutUgNDNETf9Wup4Ub7mcCK3oBagMKcflDeD/iyRLh2kuUTRxttVYXjgJFZDzMtHgW3GBS+BmAKuJ7UPZVx1C7SLD+Tg3tnyF5ZX6MyLaBfT4KsrhDsXuhecV4O1+aUV5dc3zl/cmIEgwvLJDl7ICRHNUaWweClkhNmNiDOU=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_VI1PR0501MB225563959A22D244E673D6D4838C0VI1PR0501MB2255_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0501MB2605
X-OriginalArrivalTime: 16 Sep 2019 11:28:44.0478 (UTC) FILETIME=[E620ADE0:01D56C81]
X-Trailer: 1
X-GBS-PROC: PhpuWBZs8Mhp8Dz2e38ydFw026GUUPT3iZFreqg9kME=
X-GRP-TAN: IQWE01@D8743D0FA96B48D5976410BEBAB84DD8
X-iqsuite-process: processed
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT047.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:40.68.44.165; IPV:CAL; CTRY:NL; EFV:NLI; SFV:NSPM; SFS:(10009020)(4636009)(136003)(396003)(376002)(346002)(39860400002)(26234003)(189003)(199004)(70586007)(53936002)(7736002)(25786009)(478600001)(26826003)(66574012)(8676002)(336012)(81166006)(81156014)(86362001)(126002)(2906002)(74316002)(71190400001)(476003)(106002)(66066001)(26005)(15974865002)(5660300002)(4326008)(413944005)(966005)(356004)(186003)(30864003)(6306002)(6506007)(54906003)(85182001)(107886003)(316002)(8936002)(54896002)(70206006)(52536014)(55016002)(236005)(9686003)(85202003)(561944003)(486006)(99286004)(19627235002)(7696005)(790700001)(33964004)(6116002)(606006)(3846002)(14454004)(76130400001)(110136005)(102836004)(16586007)(2501003)(33656002)(14444005); DIR:OUT; SFP:1101; SCL:1; SRVR:VI1PR05MB6030; H:iqsuite.endress.com; FPR:; SPF:Pass; LANG:en; PTR:InfoDomainNonexistent; MX:1; A:1;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 2acb11f0-a95b-4a09-a823-08d73a99080e
X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(710020)(711020)(4605104)(4709080)(1401327)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:VI1PR05MB6030;
X-Forefront-PRVS: 0162ACCC24
X-Microsoft-Antispam-Message-Info: ePfUWdPs/sL4zaFbP38UogpyhLR95Upwi6hRdLupVruvIJVMV9glS0HeM/qAOooNEcW42taoasEjClZPe9DkJAUDZSsLtFVmOxT8sYZV6dXkl9EZX3ukOTgeySB6ZWT9UssANnECc32RpDNYb0wphL5bY0sq37ZbhA7cAUu+V8ykY9JqSBhBSs9uWEtcPX+cMQO5GMZL6H485f4pmJFmA7In89FVYxyGP1CBJ7O8FIyh9mipnj37DWqLc3BDPXxOaZq4hHYZoq+T/r3qmd+Enj5UGlTf7hqNXGrxlzy3RhrIqJkcGspE8DHv5UokBzj2T2tdAJxy0XmqhE+1bS0hc7JnnORnRIiES1s6gpGmTWnC0OHZ4LoFEJzX6s20jFpathdEU+aC78iIv/WJoaJ7DCDH4DiotxBSZsrqt54P7sI=
X-OriginatorOrg: endress.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Sep 2019 11:28:46.1376 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 1814197c-7521-48b7-2a8d-08d73a99099d
X-MS-Exchange-CrossTenant-Id: 52daf2a9-3b73-4da4-ac6a-3f81adc92b7e
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=52daf2a9-3b73-4da4-ac6a-3f81adc92b7e; Ip=[40.68.44.165]; Helo=[iqsuite.endress.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR05MB6030
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/qbyRMrPR0YyH1k3llscSYEBiKE0>
Subject: Re: [Cfrg] Review of the Balanced PAKE proposals // Session ID handling
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Sep 2019 11:28:55 -0000

Dear Karthik,

I would like to respond to your questions. I will add some of the CFRG reviewers on the CC list because the issue that you have brought up regarding the session ids is exactly what I have been discussing with them.


>CPace ======
>
>CPace can be considered a variant of SPEKE and the proposal includes a full security
>proof in the Universal Composability (UC) framework [3].
>We did not check the proof in detail but have no reason to believe it is flawed.

There was the need for some fixes and clarification (see e.g. the review of Björn Tackmann) but in my opinion there
is no serious flaw remaining for CPace if we add the requirement to Map2Point that the image
of Map2Point is not significantly smaller than the order of the DH group. I am working on a revision that is
sorting out the remaining aspects.

>Unfortunately, features of the proof appear to leak into the protocol design which
>make it difficult to understand how the concrete protocol will be deployed.
>The protocol in Figure 4 includes a first round to establish a session identifier,
>making CPace into a 2 round protocol.
>If this first round is included, then CPace would not be suitable for TLS 1.3,
>so understanding its need is essential.

Yes I agree and for this precise aspect, I am in a closer discussion with both, the authors of OPAQUE
and people from the crypto review panel in order to sort this out. Note that the session-id complexity
is a topic that comes with any security analysis in the UC
framework and is relevant also for the augmented protocol AuCPace and OPAQUE.

>The assumptions on this identifier are unclear to us: is it just a proof artefact?
>does removing it introduce a concrete attack?

I am not aware of any concrete attack. Part of the session id topic should probably be considered a
technical proof artefact. It is my conviction that in any case CPace without ephemeral session id will be no less secure than
SPEKE, but one might actually be loosing some of the composability guarantees.

Note that because of the importance of this aspect, I have add my own assessment as part of the presentation at CHES 2019 in August.
The sid topic is discussed on the slides
https://ches.iacr.org/2019/src/slides/Day3/Session13_IOTSec/Paper2_Session13_Presentation_AuCPace_CHES2019.pdf
starting at page #53.

I’d appreciate the feedback and comment of the crypto review panel members here, since I believe that they will
be having more insight than I do. In my opinion this topic is related to the fact that we have to use joint state in combination
with a global RO.

I’d also appreciate your opinion on slides 69ff.


>The authors say "Hashing CI into G allows us to fend off certain types of relay attacks”.
>What are these attacks? Are they practical?
Yes. Imagine for instance that you have two servers A,B that use the same password but have different IP addresses and port numbers.
Assume that you have one client that believes that it is connected to server A but in fact the adversary relays the
communication to server B. By including the CI as the port numbers and IP addresses of both parties fends of the attack.

In case that you use explicit key confirmation and incorporate the information on the two parties into the final hash for the key confirmation (as you do for TLS), there is no need for CI. Still CPace is designed to be also suitable also in a setting where you have
security *without* any key confirmation and there it is helpful to integrate this information into the CI. Possibly, you might want to
authenticate other associate data.

>The authors also say that "In the context of TCP/IP, the CI might be constructed by concatenating unique representations
>of the server’s and client’s IP address and TCP port numbers.”
Yes, as I have discussed above. I believe that this feature is particularly suitable and helpful if a construction uses implicit authentication without explicit key confirmation.

>This seems to indicate that uniqueness across CPace sessions is the only property desired for the CI. Is this the case?
No. The CI is designed for authenticating any possibly important information and the purpose of this field is: Implicit authentication
of some associated data if you don’t want to add explicit key confirmation. If you have key confirmation you could also choose to
Include this information there. Note that when including the information in the CI, you might spare some bytes of memory. In our constrained server setting this advantage is helpful (~64 bytes of the precious RAM were saved).

>The proof appears to rely on the ssid being derived from fresh random values “s” and “t” generated
>by both parties, and TCP/IP addresses are definitely not fresh random values in practice.
Yes. This is the topic I have also explicitly addressed to some of the crypto review panel members (and added them CC).

>Would the proof still work if you used local counters for s and t?
In my opinion yes. UC does not require anything but uniqueness, to my very best knowledge.

>Also, how would the authors envision this would work with other transport protocols like Quic or raw UDP?
In this case if several concurrent sessions share the same UDP port on one peer, I’d see the need for a session ID for arranging for
the local addressing at the host. Actually this is exactly what happens in the “ITM” touring machine setting in which the UC framework
runs its simulations. (as depicted in my CHES slides mentioned above).
There the internal addressing within the peers is done using the session ID.

>Also: CPace does not specify key confirmation and it would be an important aspect to flesh out if the
>protocol were to be integrated into TLS.

The protocol does not require key confirmation. As pointed out, important information to be authenticated (such as the party identities A,C in the example above) could be integrated already in the CI field. Within the proof in its latest revised version (including the feedback from the CFRG reviewers), you will find out that there is a slight modification in the security guarantees for CPace with and without explicit key confirmation. This change in my opinion matches closely the difference between perfect and weak forward secrecy.
(Note that according to the analysis of Hugo Krawczyk in his HQMV paper, any two-flow protocol without mutual key confirmation could not realize perfect forward secrecy but only weak forward secrecy.)

Yours,

Björn.



Mit freundlichen Grüßen I Best Regards 

Dr. Björn Haase 

Senior Expert Electronics | TGREH Electronics Hardware
Endress+Hauser Conducta GmbH+Co.KG | Dieselstrasse 24 | 70839 Gerlingen | Germany
Phone: +49 7156 209 377 | Fax: +49 7156 209 221
bjoern.haase@endress.com |  www.conducta.endress.com 



Endress+Hauser Conducta GmbH+Co.KG
Amtsgericht Stuttgart HRA 201908
Sitz der Gesellschaft: Gerlingen
Persönlich haftende Gesellschafterin:
Endress+Hauser Conducta Verwaltungsgesellschaft mbH
Sitz der Gesellschaft: Gerlingen
Amtsgericht Stuttgart HRA 201929
Geschäftsführer: Dr. Manfred Jagiella

 
Gemäss Datenschutzgrundverordnung sind wir verpflichtet, Sie zu informieren, wenn wir personenbezogene Daten von Ihnen erheben.
Dieser Informationspflicht kommen wir mit folgendem Datenschutzhinweis (https://www.endress.com/de/cookies-endress+hauser-website) nach.

 

Disclaimer: 

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. This e-mail does not constitute a contract offer, a contract amendment, or an acceptance of a contract offer unless explicitly and conspicuously designated or stated as such.