Re: [CFRG] I-D Action: draft-irtf-cfrg-cpace-03.txt

Julia Hesse <juliahesse2@gmail.com> Tue, 16 November 2021 07:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/spp-sEV0fG09mvB0m3AQ8gU3ufs>

Dear CFRG,

The CPace draft has undergone some major restructuring lately, and we
incorporated the latest findings from the security analyses in [1], [2].
We would appreciate a review by CFRG at this point.

In particular, we were asking ourselves the following questions:

- Is the “object” notation for hash function and group environment clear?

- Should we explicitly consider both initiator/responder + parallel 
version or only focus on one setting for conciseness?

- What is the best way for prepending field lengths to octet strings? 
(Current suggestion: UTF8)

- Overall length: is it too long? Any suggestions for shortening?

Best,
Julia (on behalf of all authors)

[1] https://eprint.iacr.org/2021/114
[2] https://eprint.iacr.org/2021/696

On 11/15/2021 at 9:49 PM, internet-drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Crypto Forum RG of the IRTF.
>
>          Title           : CPace, a balanced composable PAKE
>          Authors         : Michel Abdalla
>                            Bjoern Haase
>                            Julia Hesse
>          Filename        : draft-irtf-cfrg-cpace-03.txt
>          Pages           : 68
>          Date            : 2021-11-15
>
> Abstract:
>     This document describes CPace which is a protocol for two parties
>     that share a low-entropy secret (password) to derive a strong shared
>     key without disclosing the secret to offline dictionary attacks.
>     This method was tailored for constrained devices, is compatible with
>     any group of both prime- and non-prime order, and comes with a
>     security proof providing composability guarantees.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-irtf-cfrg-cpace/
>
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-irtf-cfrg-cpace-03.html
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-irtf-cfrg-cpace-03
>
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/