Re: [TLS] [Cfrg] I-D Action: draft-irtf-cfrg-augpake-00.txt
Trevor Perrin <trevp@trevp.net> Fri, 06 December 2013 20:26 UTC
To: SeongHan Shin <seonghan.shin@aist.go.jp>
Cc: 古原和邦 <k-kobara@aist.go.jp>, cfrg@ietf.org, "tls@ietf.org" <tls@ietf.org>

I really like this idea & can find no problems. Since a single cursory opinion counts for CFRG consensus [1,2], consider this approved by CFRG and our NSA overseers.

Thanks, come again!

Trevor

P.S. The treatment of random numbers could be improved, consider referencing NIST SP 800-90A.

(psst Kevin ^^^ THIS is how it's done. *FINESSE*, or you'll never work the big leagues!)

[1] http://www.ietf.org/mail-archive/web/cfrg/current/msg03047.html
[2] http://www.ietf.org/proceedings/84/minutes/minutes-84-tls

On Sun, Sep 29, 2013 at 11:18 PM, SeongHan Shin <seonghan.shin@aist.go.jp> wrote:
> Dear all,
>
> We submitted our I-D regarding augmented PAKE
> that provides extra protection to server compromise compared to balanced
> PAKE.
> (Of course, it can be easily converted to the balanced one)
>
> Any comments are welcome!
>
> Best regards,
> Shin
>
>
> On Fri, Sep 6, 2013 at 4:45 PM, <internet-drafts@ietf.org> wrote:
>>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>> This draft is a work item of the Crypto Forum Research Group Working
>> Group of the IETF.
>>
>> Title     : Augmented Password-Authenticated Key Exchange
>>             (AugPAKE)
>> Author(s) : SeongHan Shin
>>             Kazukuni Kobara
>> Filename  : draft-irtf-cfrg-augpake-00.txt
>> Pages     : 17
>> Date      : 2013-09-06
>>
>> Abstract:
>> This document describes a secure and highly-efficient augmented
>> password-authenticated key exchange (AugPAKE) protocol where a user
>> remembers a low-entropy password and its verifier is registered in
>> the intended server. In general, the user password is chosen from a
>> small set of dictionary whose space is within the off-line dictionary
>> attacks. The AugPAKE protocol described here is secure against
>> passive attacks, active attacks and off-line dictionary attacks (on
>> the obtained messages with passive/active attacks). Also, this
>> protocol provides resistance to server compromise in the context that
>> an attacker, who obtained the password verifier from the server, must
>> at least perform off-line dictionary attacks to gain any advantage in
>> impersonating the user. The AugPAKE protocol is not only provably
>> secure in the random oracle model but also the most efficient over
>> the previous augmented PAKE protocols (SRP and AMP).
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-irtf-cfrg-augpake
>>
>> There's also a htmlized version available at:
>> http://tools.ietf.org/html/draft-irtf-cfrg-augpake-00
>>
>>
>> Please note that it may take a couple of minutes from the time of
>> submission
>> until the htmlized version and diff are available at tools.ietf.org.
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>
>> _______________________________________________
>> Cfrg mailing list
>> Cfrg@irtf.org
>> http://www.irtf.org/mailman/listinfo/cfrg
>
>
> --
> ------------------------------------------------------------------
> SeongHan Shin
> Research Institute for Secure Systems (RISEC),
> National Institute of Advanced Industrial Science and Technology (AIST),
> Central 2, 1-1-1, Umezono, Tsukuba City, Ibaraki 305-8568 Japan
> Tel : +81-29-861-2670/5284
> Fax : +81-29-861-5285
> E-mail : seonghan.shin@aist.go.jp
> ------------------------------------------------------------------
>
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> http://www.irtf.org/mailman/listinfo/cfrg
>