
List:       cfrg
Subject:    Re: [CFRG] I-D Action: draft-irtf-cfrg-opaque-11.txt
From:       "Christopher Wood" <caw () heapingbits ! net>
Date:       2023-06-08 21:50:49
Message-ID: ad4dd218-448f-49a7-b071-92150af22131 () app ! fastmail ! com

This change has a number of updates, perhaps the biggest one being a reframing of the
3DH operation. Previously, we described 3DH in terms of operations on a prime-order
group, whereas now we describe it in terms of DH functions. Test vectors for a
variant built on x25519 have also been included.

One open question we had for the group is captured in #414 [1]. Basically, when
deriving a Curve25519 private key from some input seed, is it _necessary_ to apply
some form of random oracle or KDF? Currently, we don't do this, but it would be
trivial to add. Thoughts and feedback welcome!

After this is resolved, we believe the document is ready for RGLC.

Best,
Chris

[1] https://github.com/cfrg/draft-irtf-cfrg-opaque/issues/414

On Thu, Jun 8, 2023, at 5:45 PM, internet-drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories. This Internet-Draft is a work item of the Crypto Forum (CFRG) RG
> of the IRTF.
> 
> Title           : The OPAQUE Asymmetric PAKE Protocol
> Authors         : Daniel Bourdrez
>                   Hugo Krawczyk
>                   Kevin Lewi
>                   Christopher A. Wood
> Filename        : draft-irtf-cfrg-opaque-11.txt
> Pages           : 79
> Date            : 2023-06-08
> 
> Abstract:
> This document describes the OPAQUE protocol, a secure asymmetric
> password-authenticated key exchange (aPAKE) that supports mutual
> authentication in a client-server setting without reliance on PKI and
> with security against pre-computation attacks upon server compromise.
> In addition, the protocol provides forward secrecy and the ability to
> hide the password from the server, even during password registration.
> This document specifies the core OPAQUE protocol and one
> instantiation based on 3DH.
> 
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque/
> 
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-irtf-cfrg-opaque-11.html
> 
> A diff from the previous version is available at:
> https://author-tools.ietf.org/iddiff?url2=draft-irtf-cfrg-opaque-11
> 
> Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts
> 
> 
> _______________________________________________
> CFRG mailing list
> CFRG@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg
