IETF Logo Mail Archive

Re: [openpgp] [PATCH] RFC4880bis: Argon2i

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Tue, 03 November 2015 01:20 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 640D71ACD95 for <openpgp@ietfa.amsl.com>; Mon, 2 Nov 2015 17:20:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nn9oDofnqA2u for <openpgp@ietfa.amsl.com>; Mon, 2 Nov 2015 17:20:37 -0800 (PST)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 9C4E61ACD88 for <openpgp@ietf.org>; Mon, 2 Nov 2015 17:20:35 -0800 (PST)
Received: from fifthhorseman.net (dhcp-36-99.meeting.ietf94.jp [133.93.36.99]) by che.mayfirst.org (Postfix) with ESMTPSA id 56CF2F984; Mon, 2 Nov 2015 20:20:32 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 1792F20103; Tue, 3 Nov 2015 10:20:26 +0900 (JST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Nils Durner <ndurner@googlemail.com>, "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <5623AA95.4060903@googlemail.com>
References: <5623AA95.4060903@googlemail.com>
User-Agent: Notmuch/0.20.2 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu)
Date: Tue, 03 Nov 2015 10:20:26 +0900
Message-ID: <874mh3q3ol.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/uY73mf_zu9SF-4YqYf1gqwwN4lc>
Subject: Re: [openpgp] [PATCH] RFC4880bis: Argon2i
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Nov 2015 01:20:38 -0000

Hi Nils--

On Sun 2015-10-18 23:20:05 +0900, Nils Durner wrote:

> attached is a patch against RFC 4880bis in
> git://git.gnupg.org/gnupg-doc.git to include Argon2i as an S2K method.

Thanks for this patch!  Since Argon2 is the winner of the
password-hashing competition [0], and Argon2i is the variant of Argon2
that is intended for password-based key derivation, this seems like a
good candidate.

If we introduce this as a normative dependency for OpenPGP, though, we
might also want to have an IETF RFC for Argon2.  Do you know of anyone
working on such a draft?  I don't see anythng posted at the datatracker:

 https://datatracker.ietf.org/doc/search/?name=argon&activedrafts=on&rfcs=on

If anyone else knows of efforts to document argon2, or wants to advance
such a draft, i'd be happy to hear about it.

     --dkg

[0] https://password-hashing.net/

v2.23.0 | Report a Bug | By Email