> On Jul 7, 2016, at 7:22 AM, Simo Sorce <s...@redhat.com> wrote: > On Wed, 2016-07-06 at 17:20 -0500, Laurens Van Houtven wrote: >> >> Right. The reason I'm being so persistent is similar to why a lot of >> cryptographers dislike PAKE -- it's not that it's bad or hard to do -- >> it just seems like a weird problem to have. To quote Glyph, it sounded >> a bit like a jackhammer problem :) > > Sorry for the OT, I find PAKE very useful and we have a draft[1] to get > a variant (SPAKE) in the Kerberos protocol. > Do you have any reference to documents describing this "dislike" ? > I'd like to know more about it.
Nope. I don’t share those opinions of PAKE, regardless; but I do agree that it’s a solution to a very specific problem. If you want a reasonable way to go from a low-entropy shared secret to a high-entropy one, then you probably want SPAKE2. lvh _______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
