[Hipsec] Would HIP benefit by having a PAKE?

Robert Moskowitz <rgm@htt-consult.com> Mon, 05 August 2019 18:27 UTC

Return-Path: <rgm@htt-consult.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E12A12004A for <hipsec@ietfa.amsl.com>; Mon, 5 Aug 2019 11:27:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.5
X-Spam-Level:
X-Spam-Status: No, score=-0.5 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r-QFI_QpeUYj for <hipsec@ietfa.amsl.com>; Mon, 5 Aug 2019 11:27:06 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B76112003E for <hipsec@ietf.org>; Mon, 5 Aug 2019 11:27:06 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 70206615EB for <hipsec@ietf.org>; Mon, 5 Aug 2019 14:27:03 -0400 (EDT)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id FdxjxqA2QDiu for <hipsec@ietf.org>; Mon, 5 Aug 2019 14:26:56 -0400 (EDT)
Received: from lx140e.htt-consult.com (unknown [192.168.160.12]) (using TLSv1.2 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id F11E1615E6 for <hipsec@ietf.org>; Mon, 5 Aug 2019 14:26:53 -0400 (EDT)
To: HIP <hipsec@ietf.org>
From: Robert Moskowitz <rgm@htt-consult.com>
Message-ID: <28534149-a6fb-1282-72a7-702a611f7fae@htt-consult.com>
Date: Mon, 5 Aug 2019 14:26:45 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/hipsec/YvGKIbcqMhg9bLPdb0ubp8KrHu4>
Subject: [Hipsec] Would HIP benefit by having a PAKE?
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/hipsec/>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Aug 2019 18:27:08 -0000

As part of developing the "Trustworthy Multipurpose Remote ID", I am 
going to add new crypto algorithms along the lines that I have in 
draft-moskowitz-small-crypto.

The "open' question is that of a PAKE.  Would HIP benefit with a PAKE.  
I really don't see it, but since I am opening up the crypto closet, I 
felt I had to consider the work on PAKE that CFRG has been doing the 
past few years.

Keywrap as I have put into HIP DEX is a separate issue, which I do not 
believe (I could be wrong) PAKE would help with.

I am interested in other's thoughts wrt to PAKE and HIP.

thanks