FYI - Round 2 candidates for IRTF Crypto Forum selection of IETF-standard
Password-based Authenticated Key Exchange protocols/algorithms.
---------- Forwarded message ---------
From: Stanislav V. Smyshlyaev <smyshsv at gmail.com>
Date: Wed, Nov 20, 2019 at 1:02 AM
Subject: [Cfrg] Round 2 of the PAKE selection process
To: CFRG <cfrg at irtf.org>
Cc: <cfrg-chairs at ietf.org>
Dear CFRG,
As we've announced at the CFRG session today, now we're starting the Round
2 of the PAKE selection process.
We have narrowed down choices to: two balanced (SPAKE2 and CPace) and two
augmented (OPAQUE and AuCPace).
Some additional information can be found in my slides from the IETF 106
CFRG meeting:
https://datatracker.ietf.org/meeting/106/materials/slides-106-cfrg-pake-selection-update
Please take a look at the plan and especially at Stage 1 - please send your
additional questions to be considered at Round 2 to crypto-panel at irtf.org
until December, 5th.
Round 2 of the PAKE selection process
Stage 1: November, 21st - December, 5th
Additional questions for all four candidates are collected from CFRG
participants (and Crypto Review Panel members). The questions can be of
one of possible types:
a) Requests for clarifications for the candidate protocols or their
proposed modifications (e.g., security of CPace and AuCPace without
negotiation of sid, security and convenient of SPAKE2 with a hash2curve
function used to obtain M and N for each pair of identifiers).
b) Questions to be taken into account in addition to ones collected at
Stage 1 of Round 1 (e.g., quantum annoyance, post-quantum preparedness).
The questions should be sent to crypto-panel at irtf.org.
Stage 2: December, 10th - December, 17th
A list of new questions is published on
https://github.com/cfrg/pake-selection; the CFRG is asked whether anything
else should be added.
Stage 3: December 25th - February, 10th
The authors of the candidates prepare their replies to the additional
questions/requested clarifications.
Stage 4: February, 12th - March, 10th
Crypto Review Panel members prepare new overall reviews (for all 4
remaining PAKEs) taking into account both the reviews obtained on Round 1
and new information obtained during Round 2.
IETF 107:
The CFRG chairs discuss the obtained reviews and make their recommendations
to CFRG (or convey to CFRG that they can’t make a recommendation yet).
If everything is clear:
- one (or zero) balanced PAKE is selected;
- one (or zero) augmented PAKE is selected;
- the process with CFRG document “Recommendations for password-based
authenticated key establishment in IETF protocols” is initiated: all
practically important recommendations (parameter selection, protecting
implementations against side-channel attacks, handling of counters etc.)
must be given there.
Best regards,
Stanislav Smyshlyaev
CFRG Secretary
_______________________________________________
Cfrg mailing list
Cfrg at irtf.orghttps://www.irtf.org/mailman/listinfo/cfrg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20191120/80999a0d/attachment.html>