Re: [saag] Improving the CHAP protocol

"Mark D. Baushke" <mdb@juniper.net> Wed, 25 September 2019 19:11 UTC

Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.242.12 as permitted sender)
To: Jim Schaad <ietf@augustcellars.com>
CC: David Black <David.Black@dell.com>, saag@ietf.org
In-Reply-To: <01ae01d573c7$97de44b0$c79ace10$@augustcellars.com>
References: <9641f69d-0ffb-1c1d-7fb6-98ef4a54ad2c@redhat.com> <1569087342890.52733@cs.auckland.ac.nz> <4354cf7e-74f2-d36c-5fa0-587a2118a507@redhat.com>, <CE03DB3D7B45C245BCA0D243277949363070E288@MX307CL04.corp.emc.com> <1569336830344.45369@cs.auckland.ac.nz> <CE03DB3D7B45C245BCA0D2432779493630711EBF@MX307CL04.corp.emc.com> <01ae01d573c7$97de44b0$c79ace10$@augustcellars.com>
Comments: In-reply-to: Jim Schaad <ietf@augustcellars.com> message dated "Wed, 25 Sep 2019 10:35:13 -0700."
From: "Mark D. Baushke" <mdb@juniper.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <26765.1569438669.1@contrail-ubm16-mdb.svec1.juniper.net>
Date: Wed, 25 Sep 2019 12:11:09 -0700
Message-ID: <26766.1569438669@contrail-ubm16-mdb.svec1.juniper.net>
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Sep 2019 19:11:12.0278 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 04996dd2-054f-4347-3245-08d741ec2127
X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.242.12]; Helo=[P-EXFEND-EQX-01.jnpr.net]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR05MB7086
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-09-25_08:2019-09-25,2019-09-25 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 mlxscore=0 suspectscore=1 mlxlogscore=472 bulkscore=0 phishscore=0 spamscore=0 lowpriorityscore=0 priorityscore=1501 adultscore=0 clxscore=1011 malwarescore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1908290000 definitions=main-1909250160
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/4LRitN1IFI5sNTzPVzt4cZAnR-Q>
Subject: Re: [saag] Improving the CHAP protocol
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Sep 2019 19:11:29 -0000

Jim Schaad <ietf@augustcellars.com> writes:

> If you do that, I don't know if you want SHA3-256 or SHAKE. SHAKE
> seems to be used more from what I have seen so far.

I think SHAKE256 is the better entry in my opinion if you want something
for the future.

I believe you will find implementations in popular crypto libraries
(provided in alphabetical order) such as Bouncy Castle, Crypto++,
Libgcrypt, and OpenSSL.

	-- Mark

[saag] Improving the CHAP protocol Maurizio Lombardi
Re: [saag] Improving the CHAP protocol Mark D. Baushke
Re: [saag] Improving the CHAP protocol Kathleen Moriarty
Re: [saag] Improving the CHAP protocol Black, David
Re: [saag] Improving the CHAP protocol Kathleen Moriarty
Re: [saag] Improving the CHAP protocol Peter Gutmann
Re: [saag] Improving the CHAP protocol Yoav Nir
Re: [saag] Improving the CHAP protocol Peter Gutmann
Re: [saag] Improving the CHAP protocol Alan DeKok
Re: [saag] Improving the CHAP protocol John Mattsson
Re: [saag] Improving the CHAP protocol Peter Gutmann
Re: [saag] Improving the CHAP protocol Maurizio Lombardi
Re: [saag] Improving the CHAP protocol Black, David
Re: [saag] Improving the CHAP protocol Alan DeKok
Re: [saag] Improving the CHAP protocol Peter Gutmann
Re: [saag] Improving the CHAP protocol Black, David
Re: [saag] Improving the CHAP protocol Salz, Rich
Re: [saag] Improving the CHAP protocol Jim Schaad
Re: [saag] Improving the CHAP protocol Black, David
Re: [saag] Improving the CHAP protocol Mark D. Baushke
Re: [saag] Improving the CHAP protocol John Mattsson
Re: [saag] Improving the CHAP protocol Dang, Quynh (Fed)