IETF Logo Mail Archive

Re: [TLS] Should TLS 1.3 use an augmented PAKE by default?

Andy Lutomirski <luto@amacapital.net> Wed, 19 March 2014 16:06 UTC

Return-Path: <luto@amacapital.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72AE11A07A0 for <tls@ietfa.amsl.com>; Wed, 19 Mar 2014 09:06:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.979
X-Spam-Level:
X-Spam-Status: No, score=-1.979 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PT1iDN5QNT-X for <tls@ietfa.amsl.com>; Wed, 19 Mar 2014 09:06:52 -0700 (PDT)
Received: from mail-ve0-f176.google.com (mail-ve0-f176.google.com [209.85.128.176]) by ietfa.amsl.com (Postfix) with ESMTP id EF9FD1A0790 for <tls@ietf.org>; Wed, 19 Mar 2014 09:06:51 -0700 (PDT)
Received: by mail-ve0-f176.google.com with SMTP id cz12so9160584veb.35 for <tls@ietf.org>; Wed, 19 Mar 2014 09:06:43 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=Te3Ugzou6DoynDhOmGvQIczxwghnuCK96Y/nWgKvau8=; b=YfRydFNnC6P62J6mXusPskWUpn+T114WbjCSqMTqEIaDezB3pBHfgAzkCAxYNAJhxE yFD/H/MVahFCxTReC3fymRultSt2pF9D0h3z4mn6nAaj4KZGgKAvCy3F0GypGqN8Zyhu hRsNvEGnXeCzLQ0uSr1fisldnWaGNH87B4vnhSYe1Qb340H88cwmYi+UT00A083SHXMy lBvBUoKhQXuO4xTDBg4FpYH3xb6nQMcGiiNHwU5D0/GpEBk3d5fPR1pRrQrno308ylDR WZuYEYqP1mSipbNKhPhCHATa/GeqnPoddFZfKCNjLwaTOBuAwzHkb22XT5n0dkHgNSUa lq9w==
X-Gm-Message-State: ALoCoQkk1jW9dNuvTLPzQG/ZCMst7b/CPtQFYDBcsPUID3n0Gr6fye9o0f+KM0ueGMK6k/gFPBa/
X-Received: by 10.52.51.226 with SMTP id n2mr6140vdo.57.1395245203160; Wed, 19 Mar 2014 09:06:43 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.58.83.130 with HTTP; Wed, 19 Mar 2014 09:06:23 -0700 (PDT)
In-Reply-To: <6b79e0820d349720f12b14d4706a8a5d.squirrel@webmail.dreamhost.com>
References: <53288C43.9010205@mit.edu> <5328B6DF.8070703@fifthhorseman.net> <5328C0C8.9060403@mit.edu> <6b79e0820d349720f12b14d4706a8a5d.squirrel@webmail.dreamhost.com>
From: Andy Lutomirski <luto@amacapital.net>
Date: Wed, 19 Mar 2014 09:06:23 -0700
Message-ID: <CALCETrUz8zCBHiq42GTnkkSaBcpA5pjSvk6kwwPjzn+MtBKMgA@mail.gmail.com>
To: ryan-ietftls@sleevi.com
Content-Type: text/plain; charset="ISO-8859-1"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/Dl96oGI9PLmDFkCXarTov-l2EKs
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Should TLS 1.3 use an augmented PAKE by default?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Mar 2014 16:06:53 -0000

On Tue, Mar 18, 2014 at 10:54 PM, Ryan Sleevi <ryan-ietftls@sleevi.com> wrote:
> I have yet to hear of a good mail client
> "phishing" attack (you *are* validating your IMAP certs, right?), so this
> seems almost predominantly an issue of attacker-controlled UI - that is,
> the web.

Even for IMAP, using PAKE, augmented or balanced, would give a
significant amount of protection against MITMs who have compromised a
CA.  Since compromising a CA seems to be a popular thing to do these
days, resisting these attacks at the protocol level would add
considerable value.

--Andy

v2.23.0 | Report a Bug | By Email