Re: [TLS] is it good using password for authentication only?

"Bingzheng Wu" <> Fri, 19 June 2015 11:03 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id BC0881A894E for <>; Fri, 19 Jun 2015 04:03:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.1
X-Spam-Status: No, score=-1.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_48=0.6, MIME_8BIT_HEADER=0.3, MIME_QP_LONG_LINE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id lXD9KqdTMgi1 for <>; Fri, 19 Jun 2015 04:03:07 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 6E9091A894A for <>; Fri, 19 Jun 2015 04:03:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=default; t=1434711785; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type; bh=uCocMO6y1AnR75p5Rr3q67cltFDxPLNwdRsemcLMUMQ=; b=trSZx3uKBOnF3ErtRlKkMK63bPDQHzWvFSckQA2UB1dTRpqBcJvpZv/BL2ee9yKhRe2uS/Rn5IEYY3jd72SGUgCoulRS4BZVclGEdDwnKeOdTqHbaMet1jINKs6VrmFAShinlMZaZpjO4Y3OUmTXvgPDY3NLGjQeSfjt/AGkFCo=
X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R141e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=r46d02008;; PH=DW; RN=2; RT=2; SR=0;
Received: from WS-web ([]) by at Fri, 19 Jun 2015 19:03:02 +0800
Date: Fri, 19 Jun 2015 19:03:02 +0800
From: Bingzheng Wu <>
To: "武炳正(允中)" <>, tls <>
Message-ID: <----3-------MPf3-$>
X-Mailer: Alimail-Mailagent revision 2698616
MIME-Version: 1.0
References: <----3-------MPf3-$>, 011401d0aa68$af6818e0$0e384aa0$
In-Reply-To: 011401d0aa68$af6818e0$0e384aa0$
x-aliyun-mail-creator: W4_2697534_hLSTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgNi4xOyBXT1c2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzQzLjAuMjM1Ny4xMjQgU2FmYXJpLzUzNy4zNg==2I
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [TLS] is it good using password for authentication only?
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Bingzheng Wu <>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 19 Jun 2015 11:03:07 -0000

I am wrong again. Adding master-secret is useless.

Now I think that asymmetric crypto must be used to prevent offline directory attack, which is the way PAKE works as.

Sorry for disturbing.

From:武炳正(允中) <>
Time:2015 Jun 19 (Fri) 16:19
To:武炳正(允中) <>, tls <>
Subject:RE: [TLS] is it good using password for authentication only?

Maybe I realize the problem. The PasswordVerify message is susceptible to
offline dictionary attacks.

Dose it become resistant to the attack if we add some secret generated from
master-secret into the HASH?

  PasswordVerify = HASH(username, passward, handshake_message_hash,
master-secret, label)

This becomes involved with key-exchange, but it is not involved with any
specific key-exchange method.
It just need the key-exchange result.