Re: [Emu] Agenda Take 2
"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Mon, 10 March 2008 21:56 UTC
Return-Path: <emu-bounces@ietf.org>
X-Original-To: ietfarch-emu-archive@core3.amsl.com
Delivered-To: ietfarch-emu-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1E65E3A6AAB; Mon, 10 Mar 2008 14:56:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.518
X-Spam-Level:
X-Spam-Status: No, score=-103.518 tagged_above=-999 required=5 tests=[AWL=-3.081, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S4uKxEhHlFiW; Mon, 10 Mar 2008 14:56:28 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 066AE3A68B0; Mon, 10 Mar 2008 14:56:28 -0700 (PDT)
X-Original-To: emu@core3.amsl.com
Delivered-To: emu@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DC06F3A68AA for <emu@core3.amsl.com>; Mon, 10 Mar 2008 14:56:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id auC+Z6PhkviV for <emu@core3.amsl.com>; Mon, 10 Mar 2008 14:56:25 -0700 (PDT)
Received: from sj-iport-3.cisco.com (sj-iport-3.cisco.com [171.71.176.72]) by core3.amsl.com (Postfix) with ESMTP id D95B43A686D for <emu@ietf.org>; Mon, 10 Mar 2008 14:56:25 -0700 (PDT)
Received: from sj-dkim-1.cisco.com ([171.71.179.21]) by sj-iport-3.cisco.com with ESMTP; 10 Mar 2008 14:54:06 -0700
Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-1.cisco.com (8.12.11/8.12.11) with ESMTP id m2ALs5iY006343; Mon, 10 Mar 2008 14:54:05 -0700
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id m2ALrVnd003731; Mon, 10 Mar 2008 21:53:58 GMT
Received: from xmb-sjc-225.amer.cisco.com ([128.107.191.38]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 10 Mar 2008 14:53:47 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Mon, 10 Mar 2008 14:54:33 -0700
Message-ID: <AC1CFD94F59A264488DC2BEC3E890DE5056D6F74@xmb-sjc-225.amer.cisco.com>
In-Reply-To: <1692.69.12.173.8.1204528031.squirrel@www.trepanning.net>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Emu] Agenda Take 2
Thread-Index: Ach8/XKyAkcL5TQ8QiGa7CsIrHm/uwF+1HQw
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: Dan Harkins <dharkins@lounge.org>, SeongHan Shin <seonghan.shin@aist.go.jp>
X-OriginalArrivalTime: 10 Mar 2008 21:53:47.0820 (UTC) FILETIME=[380246C0:01C882F9]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=5361; t=1205186045; x=1206050045; c=relaxed/simple; s=sjdkim1004; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jsalowey@cisco.com; z=From:=20=22Joseph=20Salowey=20(jsalowey)=22=20<jsalowey@ci sco.com> |Subject:=20RE=3A=20[Emu]=20Agenda=20Take=202 |Sender:=20; bh=eZeVgzz5Dlcn9GSO2E9fovV2cE6xNKSezh4x9etoUXM=; b=XklePSNhKbA6euEIIb0mWVaDCZYcJpfri8vfc4jRqw0q/YNCkZ3FeS6zY4 AADbdMNhehzBMhUNKyFmmw0oQs1ntjZu0tTZczKshpZc4ZCOtcLFWDC6EIFI /hHXB2kZ6cIV5HVGlWwFpzNRR0ELjgF04+l8OecBhugyfmCm5xlD8=;
Authentication-Results: sj-dkim-1; header.From=jsalowey@cisco.com; dkim=pass ( sig from cisco.com/sjdkim1004 verified; );
Cc: Kazukuni Kobara <k-kobara@aist.go.jp>, emu@ietf.org
Subject: Re: [Emu] Agenda Take 2
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/emu>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: emu-bounces@ietf.org
Errors-To: emu-bounces@ietf.org
Hi Dan, Could you describe the technical differences between the approach in draft-harkins-emu-eap-pwd-00.txt and existing approaches of SRP, SPEKE and EKE? Thanks, Joe > -----Original Message----- > From: emu-bounces@ietf.org [mailto:emu-bounces@ietf.org] On > Behalf Of Dan Harkins > Sent: Sunday, March 02, 2008 11:07 PM > To: SeongHan Shin > Cc: 'Kazukuni Kobara'; emu@ietf.org > Subject: Re: [Emu] Agenda Take 2 > > > Hi Shin, > > I'll put this on the list for cleanup in the -02 version. > In section 2.6.3.2 it describes constructing the password > element for a prime modulus group. It says: > > pwd-value = KDF(pwd-seed, "EAP-pwd Affixing the PWE", len(p)) > > PWE = pwd-value mod p > > this should be: > > pwd-value = pwd-value mod p > > We want to ensure the value stretched to the length of the > prime is numerically less than the prime. Section 2.6.3.2 > goes on to say: > > The PWE is then computed by exponentiating the pwd-value > to the value > ((p-1)/r) modulus the prime. > > PWD = pwd-value ^ ((p-1)/r) mod p > > I'm not sure where PWD came from :-). The convention is > capitals for elliptic curve groups to distinguish between > elements and scalars. There is no such convention for prime > modulus groups so it should be: > > The pwe is then computed by exponentiating the pwd-value > to the value > ((p-1)/r) modulus the prime. > > pwe = pwd-value ^ ((p-1)/r) mod p > > And then that "pwe" is used in 2.6.4.2. The idea is we take a > pwe-seed derived from the secret and identities and stretch > that using the KDF into a pwd-value which we reduce modulo > the prime. The pwd-value is then used to construct the > password element, pwe, by exponentiating as described above-- > pwd-value ^ ((p-1)/r) mod p. I obviously messed up the > description of that. > > As I said, I'll clean this up in the next version. If you > do find any security issues with this draft please let me > know. And also if there are other typographical errors or > similar issues you come across please tell me so I can clean them up. > > regards, > > Dan. > > On Sun, March 2, 2008 10:27 pm, SeongHan Shin wrote: > > Dear Dan Harkins, > > > > Sorry, I didn't know that the ID is updated. > > Anyway, I'll go through the new ID. > > > > By the way, is "pwe" in section 2.6.4.2 the same as "PWE"? > > > > Best regards, > > Shin > > > > -----Original Message----- > > From: Dan Harkins [mailto:dharkins@lounge.org] > > Sent: Monday, March 03, 2008 2:17 PM > > To: SeongHan Shin > > Cc: emu@ietf.org; 'Kazukuni Kobara' > > Subject: Re: [Emu] Agenda Take 2 > > > > > > Hi Shin, > > > > That draft has been updated. Please see the -01 version. > That is the > > one that will be presented in Philly and is, I believe, > resistant to > > off-line dictionary attack. If you know of an attack against it I > > would be extremely interested in hearing about it. > > > > regards, > > > > Dan. > > > > On Sun, March 2, 2008 7:16 pm, SeongHan Shin wrote: > >> Dear all, > >> > >> This is Shin. > >> I read the below ID (Password only Mechanism) > >> http://tools.ietf.org/id/draft-harkins-emu-eap-pwd-00.txt > >> to be presented at IETF 71. > >> > >> The idea of the protocol seems interesting. > >> However, I found that the protocol is susceptible to off-line > >> dictionary attack. > >> If someone is interested, I'll show how the attack works. > >> (you may already know that.) > >> > >> Best regards, > >> Shin > >> > >> > >> -----Original Message----- > >> From: emu-bounces@ietf.org [mailto:emu-bounces@ietf.org] > On Behalf Of > >> Joseph Salowey (jsalowey) > >> Sent: Thursday, February 28, 2008 8:04 AM > >> To: emu@ietf.org > >> Subject: [Emu] Agenda Take 2 > >> > >> EMU Agenda > >> IETF 71 > >> THURSDAY, March 13, 2008 > >> 0900-1130 Morning Session I > >> --------------------------------------------- > >> + Administrivia (5 min) > >> - agenda, blue sheets, note takers > >> > >> + Document Status (5 min) > >> - EAP-TLS - draft-simon-emu-rfc2716bis-13.txt > >> - EAP-GPSK - draft-ietf-emu-eap-gpsk-08.txt > >> > >> + Charter Revision Status (70 min) > >> - General text (10 min) > >> - Tunnel Method (20 min) > >> - Secure Password Only Method (20 min) > >> - Channel Bindings (20 min) > >> > >> + Tunnel Method Requirements (30 min) > >> - draft-salowey-emu-eaptunnel-req-00.txt > >> > >> + Channel Bindings (20 min) > >> - draft-clancy-emu-chbind-00.txt > >> - draft-clancy-emu-aaapay-00.txt > >> > >> + Password only Mechanism (20 min) > >> - draft-harkins-emu-eap-pwd-00.txt > >> _______________________________________________ > >> Emu mailing list > >> Emu@ietf.org > >> https://www.ietf.org/mailman/listinfo/emu > >> > >> > >> > >> _______________________________________________ > >> Emu mailing list > >> Emu@ietf.org > >> https://www.ietf.org/mailman/listinfo/emu > >> > > > > > > > > > > > > > > > _______________________________________________ > Emu mailing list > Emu@ietf.org > https://www.ietf.org/mailman/listinfo/emu > _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu
- [Emu] Agenda Take 2 Joseph Salowey (jsalowey)
- Re: [Emu] Agenda Take 2 Glen Zorn
- Re: [Emu] Agenda Take 2 SeongHan Shin
- Re: [Emu] Agenda Take 2 Dan Harkins
- Re: [Emu] Agenda Take 2 SeongHan Shin
- Re: [Emu] Agenda Take 2 Glen Zorn
- Re: [Emu] Agenda Take 2 Dan Harkins
- Re: [Emu] Agenda Take 2 Joseph Salowey (jsalowey)
- Re: [Emu] Agenda Take 2 Joseph Salowey (jsalowey)
- Re: [Emu] Agenda Take 2 Dan Harkins