Re: [Cfrg] OPAQUE at Facebook

"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Wed, 28 August 2019 04:40 UTC

From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Wed, 28 Aug 2019 07:39:43 +0300
To: david wong <davidwong.crypto@gmail.com>, waywardgeek@gmail.com, klewi@cs.stanford.edu, IRTF CFRG <cfrg@irtf.org>
Cc: Björn Haase <bjoern.haase@endress.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/t9qRM8WqdKDc60V3s8w8orWamlM>
Subject: Re: [Cfrg] OPAQUE at Facebook

Hi all,

> It would be great to hear from this group on where the community
> stands with the standardization of augmented PAKEs.
>
> - Kevin

Currently there is a PAKE selection process in CFRG - there are 8 PAKEs
that have been nominated.
We're on Stage 4, where the selected independent reviewers prepare their
analysis regarding the assigned questions. It will continue until
September 15th, when the Crypto Review Panel members will start to work on
their overall reviews based on all obtained materials.

Kevin, Bill, David, are you willing to volunteer to help with these
reviews? Say, preparing short reviews regarding suitability of the
nominated PAKEs for usage in certain kinds of services.
We still have 17 days left - that must be enough for doing such short
reviews.

Best regards,
Stanislav Smyshlyaev,
CFRG Secretary



On Wed, 28 Aug 2019 at 07:26, david wong <davidwong.crypto@gmail.com> wrote:

> What about balloon hashing? Its compactness is very attractive.
>
> David
>
> On Aug 27, 2019, at 8:18 PM, Björn Haase <bjoern.haase@endress.com> wrote:
>
> Hi to all,
>
>
>
> as one of the ones who nominated a candidate for augmented PAKE (AuCPace)
> I can confirm that the CFRG reviewers are presently very active and
> reviewing e.g. the proof strategies in detail. I agree that memory-hard
> password hashing should be used (in my proposal, I have suggested scrypt,
> but Argon2 is also a decent choice).
>
>
>
> I also agree that we should really have a standardized protocol that
> mandates use of strong password hashes also for applications such as social
> media.
>
>
>
> Yours,
>
>
>
> Björn.
>
>
>
> *From:* Cfrg <cfrg-bounces@irtf.org> *On Behalf Of* Bill Cox
> *Sent:* Wednesday, 28 August 2019 02:47
> *To:* Kevin Lewi <klewi@cs.stanford.edu>
> *Cc:* IRTF CFRG <cfrg@irtf.org>
> *Subject:* Re: [Cfrg] OPAQUE at Facebook
>
>
>
> It would be great to hear from this group on where the community
> stands with the standardization of augmented PAKEs.
>
> - Kevin
>
>
>
> I, for one, would say great minds think alike :)  The OPAQUE RFC could use
> some tweaks, but looks pretty strong, IMO.  For example, their
> recommendation of iterating a password hash should be replaced with calling
> Argon2.  Note that Argon2 runs pretty fast in browsers that support web
> assembly.  Password hashing has to be done client-side in OPAQUE, with the
> possible exception of using Makwa delegated hashing possibly in parallel
> with the OPRF round-trip.
>
>
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg
>