IETF
cfrg
cfrg@jabber.ietf.org
Monday, November 5, 2018< ^ >
fenton has set the subject to: CFRG at IETF 102 - https://datatracker.ietf.org/meeting/102/materials/agenda-102-cfrg-04
Room Configuration
Room Occupants

GMT+0
[03:57:31] yone joins the room
[04:00:53] synp joins the room
[04:01:37] synp has set the subject to: CFRG at IETF 103 - https://datatracker.ietf.org/meeting/103/materials/agenda-103-cfrg-00
[04:06:43] synp leaves the room
[04:09:44] Meetecho joins the room
[04:11:28] SC6dXhp1 joins the room
[04:13:06] kaduk@jabber.org/barnowl joins the room
[04:15:13] John Border joins the room
[04:15:16] Dave Wheeler joins the room
[04:16:04] synp joins the room
[04:19:24] Sean Leonard joins the room
[04:20:15] Yoshiro Yoneya joins the room
[04:20:51] m&m joins the room
[04:21:37] <m&m> Hello all.  I'll be your Jabber relay today.  If you have anything you want relayed into the room, please preface it with "mic:"
[04:23:24] metricamerica joins the room
[04:23:44] sftcd joins the room
[04:24:42] Melinda joins the room
[04:25:35] Martin Thomson joins the room
[04:25:56] <Martin Thomson> the eyecharts will continue until morale improves
[04:27:12] <sftcd> suggestion wrt PAKE selection: s/1 or more/0 or more/
[04:27:34] <m&m> Martin Thomson at mic
[04:27:36] Satoru Kanno joins the room
[04:27:57] <m&m> Stephen Farrel at mic
[04:28:16] <m&m> Rich Salz at mic
[04:28:51] <m&m> Martin Thomson at mic
[04:29:17] <m&m> Seonghan at mic
[04:30:52] <m&m> Paul Hoffman at mic
[04:31:53] <m&m> Rich Salz at mic
[04:34:02] alexey.melnikov joins the room
[04:34:06] <m&m> Stanislav V. Smyshlyaev - ( https://datatracker.ietf.org/meeting/103/materials/slides-103-cfrg-randomness-improvements-for-security-protocols-00 )
[04:36:02] nat joins the room
[04:36:12] <alexey.melnikov> Martin Thomson asked for a PAKE from CFRG ASAP.
[04:36:28] <kaduk@jabber.org/barnowl> "please pick a date, and make it soon"
[04:37:22] <m&m> Martin Thomson at mic
[04:44:46] <Martin Thomson> So Sign(K, tag1) is only guaranteed if K can't be used to sign tag1.  How is that guaranteed?
[04:45:24] <kaduk@jabber.org/barnowl> "use a context input to your signature scheme for uses other than
this"
[04:45:42] <Martin Thomson> hmm, that's a little weak
[04:46:03] <kaduk@jabber.org/barnowl> "but he just said that the assumptions are all reasonable"
[04:46:25] <m&m> Valery at mic
[04:46:39] <Martin Thomson> kaduk@jabber.org/barnowl: are these quoting something, or are you saying something?
[04:47:42] <m&m> Paul Hoffman at mic
[04:47:44] <kaduk@jabber.org/barnowl> I am air quoting myself
[04:48:02] <sftcd> have there been any studies of side-channels for using HKDF like this? G(L) is used as the key, so if the HKDF implementation is side-channel resistant already this also ought be ok, but I dunno if HKDF implementations have worried about that
[04:48:22] <m&m> Chris Wood at mic
[04:49:21] Christopher Wood joins the room
[04:49:22] <Martin Thomson> I don't think that HKDF has any inherent side-channels, but I agree that there might be some around the edges
[04:49:30] <m&m> Nick Sullivan ( https://datatracker.ietf.org/meeting/103/materials/slides-103-cfrg-hash2curve-00 )
[04:50:00] <Christopher Wood> I'm not aware of any side channels for HKDF
[04:50:08] <Christopher Wood> Happy to be shown otherwise though
[04:52:25] <sftcd> can't access the paper now, but https://link.springer.com/chapter/10.1007/978-981-10-4154-9_31 seems like it should be relevant maybe (I've not read it, just found with a search)
[04:53:08] <Christopher Wood> paywall ftw
[04:54:09] <sftcd> yeah, didn't see a version without paywall so far
[04:54:38] <kaduk@jabber.org/barnowl> TCD doesn't have a subscription?
[04:54:53] <sftcd> they do, but I'm on the ietf n/w
[04:55:17] <kaduk@jabber.org/barnowl> And you don't believe in VPNs? ;)
[04:55:44] <sftcd> not VPNing into TCD, no, I VPN out more often:-)
[04:57:11] Christopher Wood leaves the room
[04:58:27] <m&m> ( https://datatracker.ietf.org/meeting/103/materials/slides-103-cfrg-voprf-00 )
[05:01:12] <m&m> Richard Barnes at mic
[05:01:38] <m&m> ekr at mic
[05:05:28] <Martin Thomson> so... "s" isn't sent  on the wire?
[05:06:06] <Martin Thomson> because the diagram shows s being sent from the prover in the first transaction and received at the second
[05:06:21] terrebyte joins the room
[05:06:36] Christopher Wood joins the room
[05:10:49] <m&m> Stanislav at mic
[05:11:40] <m&m> Richard Barnes at mic
[05:13:14] <m&m> Stanislav at mic
[05:14:18] Christopher Wood leaves the room: Stream reset by peer
[05:14:38] <m&m> Seonghan at mic
[05:15:20] <m&m> Richard Barnes at mic
[05:16:07] <m&m> Chris Wood at mic
[05:16:20] <m&m> ekr at mic
[05:16:53] synp leaves the room
[05:16:56] sftcd leaves the room
[05:17:02] Martin Thomson leaves the room
[05:17:02] yone leaves the room
[05:17:08] m&m leaves the room
[05:17:48] Yoshiro Yoneya leaves the room
[05:17:48] Dave Wheeler leaves the room
[05:17:48] John Border leaves the room
[05:17:48] Satoru Kanno leaves the room
[05:17:48] Sean Leonard leaves the room
[05:18:00] Martin Thomson joins the room
[05:18:30] Martin Thomson leaves the room
[05:19:02] Martin Thomson joins the room
[05:19:02] Martin Thomson leaves the room
[05:20:43] metricamerica leaves the room
[05:23:31] nat leaves the room: Machine is going to sleep
[05:25:06] Meetecho leaves the room
[05:26:00] Melinda leaves the room: Disconnected: Replaced by new connection
[05:26:01] Melinda joins the room
[05:30:25] alexey.melnikov leaves the room
[05:31:03] Melinda joins the room
[05:31:18] Melinda leaves the room
[05:40:16] terrebyte leaves the room
[05:40:19] terrebyte joins the room
[06:31:56] Martin Thomson joins the room
[06:43:09] Christopher Wood joins the room
[06:43:54] Melinda leaves the room
[06:43:55] Melinda joins the room
[06:44:33] Christopher Wood leaves the room
[06:46:06] Melinda joins the room
[06:47:43] Melinda leaves the room
[06:47:52] ilari.liusvaara joins the room
[06:49:54] nat joins the room
[06:50:46] Martin Thomson leaves the room
[06:53:10] Melinda joins the room
[06:53:20] Melinda leaves the room
[06:53:24] nat leaves the room
[06:53:56] Martin Thomson joins the room
[06:57:15] terrebyte leaves the room
[06:58:05] ilari.liusvaara leaves the room
[06:58:31] terrebyte joins the room
[07:04:07] terrebyte leaves the room
[07:04:10] terrebyte joins the room
[07:10:56] Martin Thomson leaves the room
[07:12:14] Martin Thomson joins the room
[07:15:17] ilari.liusvaara joins the room
[07:41:33] Martin Thomson leaves the room
[07:42:26] Martin Thomson joins the room
[07:51:01] alexey.melnikov joins the room
[08:15:01] alexey.melnikov leaves the room
[08:52:33] ilari.liusvaara leaves the room
[08:53:51] Martin Thomson leaves the room
[09:28:36] Melinda leaves the room: Disconnected: Replaced by new connection
[09:28:37] Melinda joins the room
[09:41:04] Martin Thomson joins the room
[09:49:17] Martin Thomson leaves the room
[09:56:20] Martin Thomson joins the room
[09:58:07] alexey.melnikov joins the room
[09:58:51] Martin Thomson leaves the room
[10:25:08] Melinda leaves the room: Disconnected: Replaced by new connection
[10:25:10] Melinda joins the room
[10:25:23] Melinda leaves the room: Disconnected: Replaced by new connection
[10:25:25] Melinda joins the room
[10:25:41] Melinda leaves the room
[10:25:42] Melinda joins the room
[10:28:10] alexey.melnikov leaves the room
[10:28:21] Melinda leaves the room
[10:28:22] Melinda joins the room
[10:31:28] Melinda leaves the room: Disconnected: Replaced by new connection
[10:31:30] Melinda joins the room
[10:32:50] Melinda leaves the room: Disconnected: Replaced by new connection
[10:32:51] Melinda joins the room
[10:34:29] alexey.melnikov joins the room
[11:33:57] alexey.melnikov leaves the room
[15:56:49] Melinda leaves the room: Disconnected: No route to host
[22:08:22] terrebyte leaves the room
[22:09:15] terrebyte joins the room
Powered by ejabberd - robust, scalable and extensible XMPP server Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!