[TLS] Augmented PAKE (Re: New Version Notification for draft-shin-tls-augpake-01.txt)

SeongHan Shin <seonghan.shin@aist.go.jp> Wed, 06 November 2013 19:25 UTC

Date: Thu, 07 Nov 2013 04:25:13 +0900
Message-ID: <CAEKgtqmfHpzNye_DCgyzJ7PmsGRFWCHAtjX=HOLKo0OEoEi0gQ@mail.gmail.com>
From: SeongHan Shin <seonghan.shin@aist.go.jp>
To: tls@ietf.org
Cc: 古原和邦 <k-kobara@aist.go.jp>

Dear all,

For anyone who is interested in PAKE, pls see the below I-D regarding
augmented PAKE.

IMO, two reasons that SRP was published as RFC 2945 and included in IEEE
1363.2 and ISO/IEC 11770-4 are 1) SRP is an augmented PAKE and 2) the
server's computation cost of SRP is a minimum.
(Though SRP has no provable security)

The AugPAKE in the below I-D is provably secure and more efficient than
other augmented PAKEs (including SRP and AMP).

Of course, augmented PAKE provides an additional security property over
(balanced) PAKE.

Best regards,
Shin


On Wed, Sep 4, 2013 at 6:39 PM, SeongHan Shin <seonghan.shin@aist.go.jp> wrote:

> Dear all,
>
> I submitted a new version of our I-D regarding augmented PAKE (AugPAKE)
> and its integration into TLS.
> I added some features of AugPAKE in Appendix.
> Any comments are welcome!
>
> Best regards,
> Shin
>
> ---------- Forwarded message ----------
> From: <internet-drafts@ietf.org>
> Date: Wed, Sep 4, 2013 at 6:26 PM
> Subject: New Version Notification for draft-shin-tls-augpake-01.txt
> To: Kazukuni Kobara <kobara_conf-ml@aist.go.jp>, SeongHan Shin <
> seonghan.shin@aist.go.jp>
>
>
>
> A new version of I-D, draft-shin-tls-augpake-01.txt
> has been successfully submitted by SeongHan Shin and posted to the
> IETF repository.
>
> Filename:        draft-shin-tls-augpake
> Revision:        01
> Title:           Augmented Password-Authenticated Key Exchange for
> Transport Layer Security (TLS)
> Creation date:   2013-09-04
> Group:           Individual Submission
> Number of pages: 19
> URL:
> http://www.ietf.org/internet-drafts/draft-shin-tls-augpake-01.txt
> Status:          http://datatracker.ietf.org/doc/draft-shin-tls-augpake
> Htmlized:        http://tools.ietf.org/html/draft-shin-tls-augpake-01
> Diff:
> http://www.ietf.org/rfcdiff?url2=draft-shin-tls-augpake-01
>
> Abstract:
>    This document describes an efficient augmented password-authenticated
>    key exchange (AugPAKE) protocol where a user remembers a low-entropy
>    password and its verifier is registered in the intended server.  In
>    general, the user password is chosen from a small set of dictionary
>    whose space is within the off-line dictionary attacks.  The AugPAKE
>    protocol described here is secure against passive attacks, active
>    attacks and off-line dictionary attacks (on the obtained messages
>    with passive/active attacks), and also provides resistance to server
>    compromise (in the context of augmented PAKE security).  Based on the
>    AugPAKE protocol, this document also specifies a new password-only
>    authentication handshake for Transport Layer Security (TLS) protocol.
>
>
>
>
> Please note that it may take a couple of minutes from the time of
> submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>
>
>
>
> --
> ------------------------------------------------------------------
> SeongHan Shin
> Research Institute for Secure Systems (RISEC),
> National Institute of Advanced Industrial Science and Technology (AIST),
> Central 2, 1-1-1, Umezono, Tsukuba City, Ibaraki 305-8568 Japan
> Tel : +81-29-861-2670/5284
> Fax : +81-29-861-5285
> E-mail : seonghan.shin@aist.go.jp
> ------------------------------------------------------------------
>



-- 
------------------------------------------------------------------
SeongHan Shin
Research Institute for Secure Systems (RISEC),
National Institute of Advanced Industrial Science and Technology (AIST),
Central 2, 1-1-1, Umezono, Tsukuba City, Ibaraki 305-8568 Japan
Tel : +81-29-861-2670/5284
Fax : +81-29-861-5285
E-mail : seonghan.shin@aist.go.jp
------------------------------------------------------------------