From: David McGrew <mcgrew@cisco.com>
Date: Tue, 6 Mar 2012 07:05:24 -0500
To: cfrg@irtf.org
Subject: [Cfrg] Fwd: New Version Notification for draft-irtf-cfrg-cipher-catalog-00.txt

Hi,

the initial version of "Ciphers in Use in the Internet" is now available at <http://tools.ietf.org/html/draft-irtf-cfrg-cipher-catalog-00>. Sean and I ask for your review, constructive criticism, and input. Some parts of the draft need more detail and organization, but it should be in sound enough shape for review.

If you have text to contribute, that would be appreciated, especially if you can supply citations for the more consequential statements.

regards,

David

Begin forwarded message:

> From: internet-drafts@ietf.org
> Subject: New Version Notification for draft-irtf-cfrg-cipher-catalog-00.txt
> Date: March 5, 2012 8:35:57 PM EST
> To: mcgrew@cisco.com
> Cc: shenshuo@cnnic.cn
>
> A new version of I-D, draft-irtf-cfrg-cipher-catalog-00.txt has been successfully submitted by David McGrew and posted to the IETF repository.
>
> Filename: draft-irtf-cfrg-cipher-catalog
> Revision: 00
> Title: Ciphers in Use in the Internet
> Creation date: 2012-03-05
> WG ID: Individual Submission
> Number of pages: 63
>
> Abstract:
>    This note catalogs the ciphers in use on the Internet, to guide users
>    and standards processes. It presents the security goals, security
>    analysis and results, specification, intellectual property
>    considerations, and publication dates of each cipher. Background
>    information and security guidance is provided as well.
>
> The IETF Secretariat

From: Simon Josefsson <simon@josefsson.org>
Date: Tue, 06 Mar 2012 14:16:40 +0100
To: David McGrew
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] Fwd: New Version Notification for draft-irtf-cfrg-cipher-catalog-00.txt

David McGrew writes:

> Hi,
>
> the initial version of "Ciphers in Use in the Internet" is now
> available at
> <http://tools.ietf.org/html/draft-irtf-cfrg-cipher-catalog-00>. Sean
> and I ask for your review, constructive criticism, and input. Some
> parts of the draft need more detail and organization, but it should be
> in sound enough shape for review.
>
> If you have text to contribute, that would be appreciated, especially
> if you can supply citations for the more consequential statements.

Hi. First an editorial issue, but one that affects readability negatively: there appear to be many '!' and other characters inserted at various points in the document.

Section 5.5 on Blowfish says "supports keys lengths 32,64,96,!, and 448"; however, Blowfish supports variable-length keys between 1 and 448 bits. It also says 'IETF use includes None'. Blowfish is mentioned in the following list of RFCs. I have not verified how many of them make any normative use of the reference though.

rfc2367.txt rfc2407.txt rfc2409.txt rfc2440.txt rfc2451.txt rfc2628.txt
rfc2786.txt rfc2828.txt rfc3211.txt rfc3316.txt rfc4037.txt rfc4250.txt
rfc4251.txt rfc4253.txt rfc4301.txt rfc4306.txt rfc4344.txt rfc4718.txt
rfc4880.txt rfc4949.txt rfc5201.txt rfc5202.txt rfc5374.txt rfc5996.txt
rfc6020.txt rfc6071.txt rfc6476.txt

Section 6.3 on RC4 could say that RC4 has been claimed to be a registered trademark, similar to what is said about RC2.

/Simon

From: Steven Bellovin <smb@cs.columbia.edu>
Date: Sun, 11 Mar 2012 00:32:47 -0500
To: zhou.sujing@zte.com.cn
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] [saag] New draft: Hashed Password Exchange

On Feb 1, 2012, at 3:13 AM, zhou.sujing@zte.com.cn wrote:

> Hi, all
>
> cfrg-bounces@irtf.org wrote on 2012-01-07 17:03:25:
>
> > On Wed, January 4, 2012 2:56 pm, Steven Bellovin wrote:
> > > Good point; let me think about it for -01. An obvious solution is to send
> > > the hostname with the effective password.
> >
> > How is that different than using random salt then? If _something_ is
> > going to be sent shouldn't it be a uniformly random bitstring instead of
> > a hostname?
> >
> > A uniformly random bitstring would be more appropriate as a key to
> > HMAC than a highly structured string like a password too. Iterate
> > HMAC(salt, password | service-URI) instead of HMAC(password, service-URI).
>
> I think Dan's suggestion is reasonable, I checked the RFC 2104 and found the following section:
>
> "3. Keys
>
>    The key for HMAC can be of any length (keys longer than B bytes are
>    first hashed using H). However, less than L bytes is strongly
>    discouraged as it would decrease the security strength of the
>    function. Keys longer than L bytes are acceptable but the extra
>    length would not significantly increase the function strength. (A
>    longer key may be advisable if the randomness of the key is
>    considered weak.)
>
>    Keys need to be chosen at random (or using a cryptographically strong
>    pseudo-random generator seeded with a random seed), and periodically
>    refreshed. (Current attacks do not indicate a specific recommended
>    frequency for key changes as these attacks are practically
>    infeasible. However, periodic key refreshment is a fundamental
>    security practice that helps against potential weaknesses of the
>    function and keys, and limits the damage of an exposed key.)"
>
> Since passwords are often not too long, and not so random, it is better
> to hash it before using it as a key in a HMAC.

Although hashing the password first certainly doesn't hurt, I read that text as more related to brute force attacks against the key, rather than to any limitation of the underlying function. Hugo -- are you on this list? Could you clarify?

--Steve Bellovin, https://www.cs.columbia.edu/~smb
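
The RFC 2104 key handling quoted in the thread above, written out in Python as an added example (not code from any poster or from the draft under discussion). SHA-256, the sample password, salt and URI, the length-prefixed encoding of "password | service-URI" and the feed-back reading of "iterate" are assumptions made for this example.

```python
import hashlib
import hmac

H = hashlib.sha256
B = H().block_size    # RFC 2104 "B": hash block size in bytes (64 for SHA-256)
L = H().digest_size   # RFC 2104 "L": hash output size in bytes (32 for SHA-256)


def rfc2104_hmac(key: bytes, msg: bytes) -> bytes:
    """HMAC written out from RFC 2104 so the key handling is visible."""
    if len(key) > B:                 # keys longer than B are first hashed using H
        key = H(key).digest()
    key = key.ljust(B, b"\x00")      # shorter keys are zero-padded to B bytes
    inner = H(bytes(k ^ 0x36 for k in key) + msg).digest()
    return H(bytes(k ^ 0x5C for k in key) + inner).digest()


def password_as_key(password: bytes, service_uri: bytes) -> bytes:
    """HMAC(password, service-URI): the structured password is the key."""
    return hmac.new(password, service_uri, H).digest()


def hashed_password_as_key(password: bytes, service_uri: bytes) -> bytes:
    """Hash the password first, then use the digest as the HMAC key."""
    return hmac.new(H(password).digest(), service_uri, H).digest()


def salt_as_key(salt: bytes, password: bytes, service_uri: bytes,
                iterations: int) -> bytes:
    """Iterated HMAC(salt, password | service-URI).

    Assumptions made for this example: "|" is concatenation with a 4-byte
    length prefix on the password (so the boundary is unambiguous), and
    "iterate" means feeding each output back in under the same salt key.
    """
    if len(salt) < L:
        raise ValueError("RFC 2104 discourages keys shorter than L bytes")
    if iterations < 1:
        raise ValueError("iterations must be >= 1")
    block = len(password).to_bytes(4, "big") + password + service_uri
    for _ in range(iterations):
        block = hmac.new(salt, block, H).digest()
    return block


# Constructed sample values, not taken from the thread.
URI = b"https://service.example/login"
SHORT_PW = b"correct horse"
LONG_PW = b"a passphrase that is longer than one SHA-256 block: " + b"x" * 40
SALT_A = bytes(range(32))        # fixed for reproducibility; use os.urandom(32)
SALT_B = bytes(range(1, 33))

if __name__ == "__main__":
    print("short password, hashing first changes the MAC:",
          password_as_key(SHORT_PW, URI) != hashed_password_as_key(SHORT_PW, URI))
    print("long password, hashing first gives the same MAC:",
          password_as_key(LONG_PW, URI) == hashed_password_as_key(LONG_PW, URI))
    print("salt-keyed, 1000 iterations:",
          salt_as_key(SALT_A, SHORT_PW, URI, 1000).hex())
```

For a password longer than one hash block, hashing it first yields the identical MAC because HMAC already performs that step; for a shorter password the key bytes change but the number of candidate passwords does not.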

From: David McGrew <mcgrew@cisco.com>
Date: Fri, 23 Mar 2012 15:13:09 -0400
To: cfrg@irtf.org
Subject: [Cfrg] Workshop on Directions in Authenticated Ciphers (DIAC)

Just announced at the FSE 2012 rump session this week: a Workshop on Directions in Authenticated Ciphers (DIAC), July 05 - 06, 2012.

From : "Users, starting with a shared secret key, need to protect messages against espionage and against forgery. Dissatisfaction with the security and performance of current approaches has led to calls for a new competition for authenticated ciphers. The purpose of this workshop is to evaluate the state of the art in authenticated encryption and gather community input regarding desired future directions."

This is a research effort, and not a standards effort.

David

From: David McGrew <mcgrew@cisco.com>
Date: Fri, 23 Mar 2012 15:19:14 -0400
To: cfrg@irtf.org
Subject: [Cfrg] agenda for meeting at IETF 83

Hi All,

here is the agenda for the meeting next week. Same as posted on the IETF site, but with the addition of Rene's talk.

David and Kevin

Introduction and Welcome (5 minutes)
CFRG status (5 minutes)
Hash-based passwords (15 minutes, Steve Bellovin)
Password Authenticated Key Exchange (25 minutes, Dan Harkins)
5 minutes for PAKE discussion
Ciphers in Use on the Internet (10 minutes, Sean Shen)
OCBv3 (20 minutes, Rogaway)
Elliptic curve considerations (20 minutes, Rene Struik)
CFRG review of IETF uses of crypto (10 minutes, discussion)

1120-1330 Afternoon Sessions I and II, Room 212/213

From: Yutaka OIWA <yutaka-oiwa-aist-temp@g.oiwa.jp>
Date: Fri, 30 Mar 2012 20:24:53 +0900
To: cfrg@irtf.org
Subject: [Cfrg] HTTP Mutual Authentication information

Dear all,

The following is the draft of the HTTP PAKE application I mentioned in the meeting:

http://tools.ietf.org/html/draft-oiwa-http-mutualauth-10
  This is the core document of the proposal.

http://tools.ietf.org/html/draft-oiwa-http-mutualauth-algo-01
  This is the companion draft defining one specific crypt scheme:

http://tools.ietf.org/html/draft-oiwa-http-auth-extension-00
  This is another companion draft, defining non-crypto extensions which are needed to accommodate current Form-based applications to HTTP authentication.

Please also refer to https://www.rcis.aist.go.jp/special/MutualAuth/index-en.html for implementations, UI considerations, past presentations in IETF and more.

Cheers,
Yutaka

--
Yutaka OIWA, Ph.D.
Research Scientist
Research Center for Information Security (RCIS)
National Institute of Advanced Industrial Science and Technology (AIST)
Mail addresses: ,
OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D 3139 8677 9BD2 4405 46B5]