Re: New work for sacred working group?
Stephen Farrell <stephen.farrell@xxxxxxxxx> writes:
>So I would guess that for sacred, TLS-PSK isn't an unencumbered equivalent
>since offline dictionary attacks are a high priority here. Or am I misreading
>something?
Oh, that's only if you use the weakest (most lightweight) form of PSK, with
the entire shared secret being the PSK. In this form it's assumed that you'd
be using a high-entropy key rather than just a password. The stronger (but
more heavyweight) forms use a standard RSA or DH exchange (alongside the PSK
data), so this isn't an issue. Note that even the most heavyweight form, DHE
+ PSK, only has the same overhead as the SPEKE/SRP/etc-type protocols.
Peter.