Update for SPAKE2 #294

Merged
merged 6 commits into from
Feb 28, 2024

Contributor

@markafoltz markafoltz commented Sep 8, 2022

This PR addresses Issue #235: Update SPAKE2 section according to current IETF draft

The IETF draft has had several updates since the SPAKE2 section was first written. I am taking this opportunity to align the protocol with the way the algorithm is written in the current draft, as an explicit two-round process.

By moving to a two-round process, the auth-spake2-needs-psk message can be eliminated and replaced by having each agent explicitly state the PSK status in the auth-spake2-handshake message. This leads to a cleaner and easier-to-understand protocol.

In addition, the message fields and associated text are updated to align with the terms used in the IETF draft.

Finally, it updates the transcript-mac field to 64 bytes to allow the use of SHA-512 in the HMAC.


@markafoltz markafoltz added the F2F label Sep 8, 2022
@markafoltz
Contributor Author

This should be ready for review.

@markafoltz markafoltz linked an issue Sep 11, 2023 that may be closed by this pull request
@markafoltz markafoltz added v1-spec security-tracker Group bringing to attention of security, or tracked by the security Group but not needing response. labels Sep 11, 2023
Contributor

@baylesj baylesj left a comment

LGTM % feedback.

@markafoltz
Contributor Author

PTAL @baylesj

@markafoltz markafoltz merged commit d338b24 into main Feb 28, 2024
2 checks passed
@markafoltz markafoltz deleted the issue-235-spake2 branch February 28, 2024 17:42
@markafoltz
Contributor Author

Went ahead and merged this as outstanding comments are addressed. Let me know if there are further comments @baylesj

github-actions bot added a commit that referenced this pull request Feb 28, 2024
SHA: d338b24
Reason: push, by mfoltzgoogle

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>