Re: [secdir] secdir review of draft-kuegler-ipsecme-pace-ikev2

Tom Yu <tlyu@MIT.EDU> Thu, 14 April 2011 20:51 UTC

Return-Path: <tlyu@mit.edu>
X-Original-To: secdir@ietfc.amsl.com
Delivered-To: secdir@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id CECD3E07CA for <secdir@ietfc.amsl.com>; Thu, 14 Apr 2011 13:51:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.59
X-Spam-Level:
X-Spam-Status: No, score=-100.59 tagged_above=-999 required=5 tests=[AWL=2.009, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SVcRWgQN8Giu for <secdir@ietfc.amsl.com>; Thu, 14 Apr 2011 13:51:33 -0700 (PDT)
Received: from dmz-mailsec-scanner-1.mit.edu (DMZ-MAILSEC-SCANNER-1.MIT.EDU [18.9.25.12]) by ietfc.amsl.com (Postfix) with ESMTP id 39B15E077E for <secdir@ietf.org>; Thu, 14 Apr 2011 13:51:30 -0700 (PDT)
X-AuditID: 1209190c-b7b7aae0000047c7-73-4da75e5685d1
Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 9D.F5.18375.65E57AD4; Thu, 14 Apr 2011 16:51:34 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id p3EKpScx007084; Thu, 14 Apr 2011 16:51:28 -0400
Received: from cathode-dark-space.mit.edu (CATHODE-DARK-SPACE.MIT.EDU [18.18.1.96]) (authenticated bits=56) (User authenticated as tlyu@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id p3EKpNE9013717 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 14 Apr 2011 16:51:24 -0400 (EDT)
Received: (from tlyu@localhost) by cathode-dark-space.mit.edu (8.12.9.20060308) id p3EKpNJp027132; Thu, 14 Apr 2011 16:51:23 -0400 (EDT)
To: Yaron Sheffer <yaronf.ietf@gmail.com>
References: <AC6674AB7BC78549BB231821ABF7A9AEB530189991@EMBX01-WF.jnpr.net> <4DA69C8A.7000305@gmail.com> <BANLkTi=3WCvUgtLdNknDog--UniYM1G9Bg@mail.gmail.com> <4DA72605.10506@gmail.com> <BANLkTikXF=S3NugNBErZZGLngyCECh=jTw@mail.gmail.com> <ced915e87f60e86c5db6f21f7e94d1a3.squirrel@www.trepanning.net> <BANLkTimqGh84igi5iVJop6O2reG8WF8s-Q@mail.gmail.com> <9c05d036d0e99a053cf977d3f2c441db.squirrel@www.trepanning.net> <BANLkTikF_eG3-CfoJi+6fthvt0gg6D=kwQ@mail.gmail.com> <4DA73C26.5070407@gmail.com> <BANLkTin7tZwKX5zK6Qq2HOtWH17k0omtMA@mail.gmail.com> <4DA74F2A.2060504@gmail.com>
From: Tom Yu <tlyu@MIT.EDU>
Date: Thu, 14 Apr 2011 16:51:23 -0400
In-Reply-To: <4DA74F2A.2060504@gmail.com> (Yaron Sheffer's message of "Thu, 14 Apr 2011 22:46:50 +0300")
Message-ID: <ldvk4ewd0ac.fsf@cathode-dark-space.mit.edu>
Lines: 8
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpileLIzCtJLcpLzFFi42IRYrdT0Q2LW+5r0NsgbdH0rpvF4tS1I2wW HxY+ZLFYdX8GuwOLx8tT5xg9ds66y+6xZMlPJo8vlz+zBbBEcdmkpOZklqUW6dslcGVcnnSM ueAVU8WlQy2MDYzLmboYOTkkBEwkvjYtY4WwxSQu3FvP1sXIxSEksI9RYsaZ7ewQzgZGiadf O5kgnCtMEm/v7IbKdDFKbN60Bcjh4BAR0JSYdtQKJM4scJRR4sS0NWA7hAXcJb5eegc19xaL xMc7zawgDWwC0hJHF5eB1LAIqErsfniSDcTmFMiQaDp6lBnE5hWwkOh4vpMFxOYR4JBYvfsf E0RcUOLkzCdgcWYBLYkb/14yTWAUnIUkNQtJagEj0ypG2ZTcKt3cxMyc4tRk3eLkxLy81CJd Q73czBK91JTSTYygoOaU5NnB+Oag0iFGAQ5GJR7eC3LLfYVYE8uKK3MPMUpyMCmJ8t6PBQrx JeWnVGYkFmfEF5XmpBYfYpTgYFYS4e19tcxXiDclsbIqtSgfJiXNwaIkzjtDUt1XSCA9sSQ1 OzW1ILUIJivDwaEkwfsEZKhgUWp6akVaZk4JQpqJgxNkOA/Q8HMgNbzFBYm5xZnpEPlTjIpS 4rzzQRICIImM0jy4XljSecUoDvSKMO9NkCoeYMKC634FNJgJaHC2EtjgkkSElFQD4+QXd6KY ii7xaqiHyDI3q69yvv5+84Msg/sf/yjsly1Y/dVn96W1E74zi3dutW0++e9dckjorXd8fuIc i/oWnD0UPVkjd/ZVg5NqX4oWxWXnzu/Ia32s4Bfjejw/cKc16/PJTyJ2BEktPy6p5rF8Ausv 188nZAvFZrOImUq78T438lyyQN9aTYmlOCPRUIu5qDgRAOraiooVAwAA
Cc: "draft-kuegler-ipsecme-pace-ikev2@tools.ietf.org" <draft-kuegler-ipsecme-pace-ikev2@tools.ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Subject: Re: [secdir] secdir review of draft-kuegler-ipsecme-pace-ikev2
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Apr 2011 20:51:34 -0000

Yaron Sheffer <yaronf.ietf@gmail.com> writes:

> Yes, PACE is a ZKPP, and the AUTH payloads depend on values that the
> attacker cannot compute (PACESharedSecret). Again, this assertion is
> based on the mathematical proof of the protocol.

Given Nico's comments, perhaps the fact that PACE is a ZKPP should be
made more obvious earlier in the document.