Re: [Cfrg] Round 2 of the PAKE selection process

"Hao, Feng" <> Thu, 21 November 2019 14:51 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 978EB1201DB for <>; Thu, 21 Nov 2019 06:51:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id caJ8hQehsP-S for <>; Thu, 21 Nov 2019 06:51:34 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 296CE12004C for <>; Thu, 21 Nov 2019 06:51:33 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901;; cv=none; b=bGX0pxfwEkmjTajfztPZQy5J/JUB4F5qX+J7uU0Ftgd/KyKkrag3YjLEWp3MGwjIEa/6TP3wPJAiG5p49QpduZ1QfgTVxiE9Nri0bsZ/B7awbnERbBQFg9pZQLw/URpcNgu2d8I3fyywdM5krcaMB7tRyVkbcN3v5PfNfjdlc9xfbuoxv8JJNvcL0iPIlgOEDkf1zLAdmAkWKpSVrpDg3L0ppqVukV1smD+Hfp8J0PuedQIN0oZXY3puW/bZZnMgzegLiqiNLGzX9ZTnKZF/GdGmGy+T5iQKUumCNzy5RkGKjVfg4eNiUP8AzmPNV3ijDwO7K9W/NhlX9jBMMqgmAQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=amLEtcrGQ5BSzm/DgL6fo/gY4SV/yDtWzIA+UAVarFw=; b=RQniT6D/o6R2aXidazwM+L/yj7J2z5NJTmyg7cxq8gfZiWc8/VDxjfbokyOfzV6IPY/xaWmJQKnImkkzDvM+6zmpRuosaOPRO5ltcJWFbPKqUqgGSu8zdE/Hs6DfzTwfL3Oz4dSsRz0fwnepOUHgC0aMBSYDOfv9DumihcEMA0kK68crhS5cemjw8dXUKbqc5ZEhdBHWV3T2jmlVMybCmQG1dBnyZLLbIbLUC2v4k610j6zwVoACbCaDXrtVDbzJHPtmB77loVqXf4tQN9RyF4lRea3yJPb5b/Ij8IJKpmFlFwmGzyUdQALmrC9TtNjbjTQvXN3etyAXhqroCedurQ==
ARC-Authentication-Results: i=1; 1; spf=pass; dmarc=pass action=none; dkim=pass; arc=none
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2474.19; Thu, 21 Nov 2019 14:51:31 +0000
Received: from ([fe80::e925:ac07:6d27:3073]) by ([fe80::e925:ac07:6d27:3073%7]) with mapi id 15.20.2474.015; Thu, 21 Nov 2019 14:51:31 +0000
From: "Hao, Feng" <>
To: "Stanislav V. Smyshlyaev" <>
CC: "" <>, CFRG <>
Thread-Topic: [Cfrg] Round 2 of the PAKE selection process
Date: Thu, 21 Nov 2019 14:51:31 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-GB
user-agent: Microsoft-MacOutlook/10.1f.0.191110
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3564ac6a-dfe6-4a80-e9b9-08d76e924bdb
x-ms-traffictypediagnostic: DB7PR01MB5259:
x-ms-exchange-purlcount: 3
x-microsoft-antispam-prvs: <>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0228DDDDD7
x-forefront-antispam-report: SFV:SPM; SFS:(10009020)(4636009)(396003)(346002)(376002)(136003)(366004)(39860400002)(189003)(199004)(186003)(6506007)(53546011)(26005)(446003)(86362001)(11346002)(102836004)(1411001)(14454004)(6916009)(5660300002)(76176011)(7736002)(478600001)(966005)(606006)(14444005)(91956017)(76116006)(66946007)(66556008)(25786009)(66476007)(66446008)(64756008)(3846002)(81156014)(81166006)(6116002)(8936002)(33656002)(786003)(99286004)(256004)(8676002)(316002)(54906003)(58126008)(6246003)(4326008)(6512007)(54896002)(6306002)(236005)(66066001)(71190400001)(71200400001)(229853002)(2906002)(6486002)(6436002)(989001); DIR:OUT; SFP:1501; SCL:6; SRVR:DB7PR01MB5259;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-transport-forked: True
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: BaO7vmCafnLC6VgdiVYoG0DJ3ya+Wm0SnegrYuWaJKOjUOA4n78x1RNnho4j2K0JF7hawWTc8pzwCMLRIeH9rAN0B7cyKaTdoDjrb3l+zcWtWAtLHbEdjQ9nHh9KwNh8eRbG1bV37fTzzbuvTGVWGGIhE+BPgKRlMM75WxPbpXplHY++pF+3nmggR9PXDHuTg3virGCLnvBrz7qVD0Ca91MHo4NzTeR98yKAXFM561OVcLLs2jsuW4BD8VSq0DBkVwI3vveAl3gu9D/hx+HPnmibC2HbrcEHiCPcft1cdiTnpk0Ycm0ECaq9M3k5mNzCYEfbVqERklijtI34kvEHOhqcqCMbxn7Fe7Ae6lsF55pyJoSiaRQWF8Uwg9TP2SAMJfZ0IVQI8BGCePkNXvpJxEx0idgY3eLoC5halDG7HXk=
Content-Type: multipart/alternative; boundary="_000_E923AAC682FD48259B241CBC4A7D3FCElivewarwickacuk_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 3564ac6a-dfe6-4a80-e9b9-08d76e924bdb
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Nov 2019 14:51:31.2548 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 09bacfbd-47ef-4465-9265-3546f2eaf6bc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: +TYwkK9//c+WZ+lzYiyUPPPaxCauDYS0t7U+e4n4sGxpVZs9m8aylvRo0WS3YEAl8DRr21yy4BpUh2bJL+cNILHFX3lIyUtDlFcuF5zdyWU=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR01MB5259
Archived-At: <>
Subject: Re: [Cfrg] Round 2 of the PAKE selection process
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 21 Nov 2019 14:51:38 -0000

OK. My last email on this subject (sorry for folks on the list if it looks like a spam)

If a coherent panel summary for the round 1 result is too much to ask for, please ignore me.

Best wishes,

From: "Stanislav V. Smyshlyaev" <>
Date: Thursday, 21 November 2019 at 13:14
To: "Hao, Feng" <>
Cc: "" <>rg>, "" <>
Subject: Re: [Cfrg] Round 2 of the PAKE selection process

Dear Feng,

All materials of the PAKE selection process were published at The questions that were addressed had been collected from the CFRG at Stage 1 of the selection process (and all collected questions were included to the list), then answered by the authors of the protocols - all those materials can be found at the GitHub, as well as the reviews by the independent reviewers who evaluated them (see The Crypto Review Panel experts then provided their overall reviews, taking into account all collected materials and reviews from independent experts.

Their recommendations, published at, have become the resulting summary (prepared by four experts of the Crypto Review Panel independently). The PAKEs, selection of which were recommended at least by some of the four experts, have passed to Round 2. Additional questions about these four candidates (e.g., my clarifying question about possible ways of selection of M and N) are collected now until December, 5th.


чт, 21 нояб. 2019 г. в 15:36, Hao, Feng <<>>:
Dear Stanislav,
If these questions are relevant, has the panel already considered them? If not, they probably will not bother for the next round either. If they have, it's reasonable for the panel to publish a summary of reasons to explain the decision in the interest of complete openness and transparency. That will be useful for the people on this list to better understand how the decision has been made, and how it will be made in round 2.

From: "Stanislav V. Smyshlyaev" <<>>
Date: Thursday, 21 November 2019 at 06:35
To: "Hao, Feng" <<>>, "<>" <<>>
Cc: CFRG <<>>
Subject: Re: [Cfrg] Round 2 of the PAKE selection process

Dear Feng,

>>   I appreciate all the efforts put in by the panel. I respect how this process is currently run and the result, so I don’t intend to change anything. But I hope these questions are still relevant and helpful for the round 2.
Thank you, Feng!

I fully agree that all these questions are still relevant for the Round 2 (especially the ones that are addressed in the four Crypto Review Panel overall reviews less deeply than the others). Could you please formulate the questions that need to be considered (or maybe re-considered, taking into account new aspects) on Round 2?..
If possible, in the form of a list of clear and reasonably short questions - to be added to the overall list of the questions considered on Round 2 (according to the announcement, could you please send them to<>, please?)

This will be a very important and helpful input of yours - among other things, because the issues you mention should also be addressed in the future RFC on recommendations for usage of PAKEs in the IETF protocols (provided that it will be the next step of the CFRG after the PAKE selection process is over).

Kind regards,