Re: [TLS] TLS-PWD vs. TLS-SRP

SeongHan Shin <seonghan.shin@aist.go.jp> Wed, 06 November 2013 21:24 UTC

Return-Path: <seonghan.shin@aist.go.jp>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9D0911E8184 for <tls@ietfa.amsl.com>; Wed, 6 Nov 2013 13:24:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.976
X-Spam-Level:
X-Spam-Status: No, score=-5.976 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ChpTBlmsAEbC for <tls@ietfa.amsl.com>; Wed, 6 Nov 2013 13:24:02 -0800 (PST)
Received: from na3sys010aog113.obsmtp.com (na3sys010aog113.obsmtp.com [74.125.245.94]) by ietfa.amsl.com (Postfix) with ESMTP id 078D211E815A for <tls@ietf.org>; Wed, 6 Nov 2013 13:24:02 -0800 (PST)
Received: from mail-la0-f46.google.com ([209.85.215.46]) (using TLSv1) by na3sys010aob113.postini.com ([74.125.244.12]) with SMTP ID DSNKUnqzcaCIi0HJtG6zKVEbcte6ItW03Fuc@postini.com; Wed, 06 Nov 2013 13:24:02 PST
Received: by mail-la0-f46.google.com with SMTP id el20so72028lab.5 for <tls@ietf.org>; Wed, 06 Nov 2013 13:24:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aist.go.jp; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=ayUunYqsQjnqoy41uMMJmCQEyURQhh020OHeuLxV46I=; b=OZPOFj3Ooj4Jv44/+ci7U7GzwSVlsnei3/ND4zuoDEdAdRl/7udnJ3rybyTN7qAUZZ IQbpSbYmLMI6iOURBmIC7uHYi4jhnzgb6HNToekum/aJtktmAKBgEe369p608tpWhgVH 9BQ1xZO+Z3X7Uwb1GSlI+cPcB5y7qIyJ97ueA=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=ayUunYqsQjnqoy41uMMJmCQEyURQhh020OHeuLxV46I=; b=MT/XpX7XIr1jcq6ZTbf8beWRBFOz/WpAxS1nV4oTSaNaFXWDh9tQBMqtszqLTAmDww QiSZ/BLVvIynrWE3ZBG9Rg3J8d9ROUAFTNt+B0tVvsE1l7BLzUwThLWI/OWniblzbpuv oIJmFXY/ZdpeNfoiZVkmkS7MxNaPMc9qboYBa5efuOyMFNWbSxmspC3UjrohOMlo2cbG HnbzEVuYgB4D4RKcZAriMWJi0OEWWYilkrNfh00kFhBM6RYZko401Hg2RRHTfWxna8ja ElQhvGmUU0BuVrb5eXGv5Q7+Kaedf4ZgMznzUXGcKCgm0ABpNsNfTyCLUZYjGXr4Xd+o BFtQ==
X-Gm-Message-State: ALoCoQndO0V6aSJmyFHtgY8BIPuf6IX26wIeohlRzr4MFurPBSoHzayL6V+j0BF+IqZYHjhuDvOWi1IRN8udveZgwFWBpYKU/KGpqj5H44K1MdbPZ+ySwUla80Q4Hwe4LE+mejcN5wlKCvOsU1qXaH+Vl3XGEWf0Fw==
X-Received: by 10.152.28.9 with SMTP id x9mr92241lag.27.1383773040220; Wed, 06 Nov 2013 13:24:00 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.152.28.9 with SMTP id x9mr92239lag.27.1383773040071; Wed, 06 Nov 2013 13:24:00 -0800 (PST)
Received: by 10.112.141.138 with HTTP; Wed, 6 Nov 2013 13:24:00 -0800 (PST)
In-Reply-To: <2fde1fc4aa651cb7bcb38749fb24fa25.squirrel@www.trepanning.net>
References: <CAEKgtqmAvR3FoWqE8HxxTWSGrmzEGVKGih4k0+iGXDtodDaMFw@mail.gmail.com> <2fde1fc4aa651cb7bcb38749fb24fa25.squirrel@www.trepanning.net>
Date: Thu, 07 Nov 2013 06:24:00 +0900
Message-ID: <CAEKgtqm5pKf+Ky2jazGpDan02yjdtAOhiwfCyAiT_uEHHhEnuA@mail.gmail.com>
From: SeongHan Shin <seonghan.shin@aist.go.jp>
To: tls@ietf.org, Dan Harkins <dharkins@lounge.org>
Content-Type: multipart/alternative; boundary="089e0160b8fe80e71404ea88c408"
Subject: Re: [TLS] TLS-PWD vs. TLS-SRP
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2013 21:24:07 -0000

Hi Dan,

Here comes the next question:
Is there any advantages of tls-pwd over tls-augpake and SPEKE?
https://tools.ietf.org/html/draft-shin-tls-augpake-01
http://en.wikipedia.org/wiki/SPEKE_%28cryptography%29

Regards,
Shin


On Thu, Nov 7, 2013 at 6:02 AM, Dan Harkins <dharkins@lounge.org> wrote:

>
>   Hi Shin,
>
> On Wed, November 6, 2013 12:15 pm, SeongHan Shin wrote:
> > Hi all,
> >
> > The TLS WG is about to issue a LC for tls-pwd.
> > http://tools.ietf.org/html/draft-ietf-tls-pwd-01
> >
> > Is there any advantages of tls-pwd over tls-srp?
>
>   TLS-srp binds the password to a particular finite cyclic group
> and the user must use that group for the life of the password.
> TLS-pwd does not do this. With TLS-pwd you use the existing
> TLS mechanisms to select any of the existing FFC or ECC groups
> to use (and when new groups get defined they will automatically
> work). By divorcing the key generation parameters from the
> password it also allows for more consistent cipher suite plus
> group establishment-- e.g. use the brainpoolP256 group with
> SHA256 and AES-128-- to establish a certain security level
> for the connection.
>
>   regards,
>
>   Dan.
>
>
>
>


-- 
------------------------------------------------------------------
SeongHan Shin
Research Institute for Secure Systems (RISEC),
National Institute of Advanced Industrial Science and Technology (AIST),
Central 2, 1-1-1, Umezono, Tsukuba City, Ibaraki 305-8568 Japan
Tel : +81-29-861-2670/5284
Fax : +81-29-861-5285
E-mail : seonghan.shin@aist.go.jp
------------------------------------------------------------------