[Meta] Track CFRG PAKE competition outcome

Question

[Meta] Track CFRG PAKE competition outcome

markafoltz opened this issue 5 years ago · 1 comments

This issue is to track the CFRG PAKE selection process going on in the IETF. When that process completes, if they pick a PAKE other than SPAKE2, we should consider swapping out SPAKE2 if there are no implementations shipped yet.

https://github.com/cfrg/pake-selection

They aren't tracking progress in GitHub, instead conversations are happening on the cfrg@ietf.org mailing list. I will set myself up to lurk there to monitor progress.

Answer 1 · 2020-10-18T19:05:36.000Z

The IETF CFRG has completed the second round of review of candidate PAKE algorithms in March of this year.

https://github.com/cfrg/pake-selection#reviews-by-crypto-review-panel-round-2

The panel of experts made the following recommendations:

We recommend the following two protocols to be selected as «recommended by
the CFRG for usage in IETF protocols»: one balanced PAKE - CPace, and one
augmented PAKE - OPAQUE.

https://mailarchive.ietf.org/arch/msg/cfrg/LKbwodpa5yXo6VuNDU66vt_Aca8/

CPACE is being written up here:

https://datatracker.ietf.org/doc/draft-irtf-cfrg-cpace/

OPAQUE is being written up here:

https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque/

The next steps are to evaluate the assumptions and suitability of these two algorithms for our use case, and possibly follow up with the IETF draft author(s) with any questions or feedback.