On Thu, 2016-07-07 at 07:36 -0500, lvh wrote: > > On Jul 7, 2016, at 7:22 AM, Simo Sorce <s...@redhat.com> wrote: > > On Wed, 2016-07-06 at 17:20 -0500, Laurens Van Houtven wrote: > >> > >> Right. The reason I'm being so persistent is similar to why a lot of > >> cryptographers dislike PAKE -- it's not that it's bad or hard to do -- > >> it just seems like a weird problem to have. To quote Glyph, it sounded > >> a bit like a jackhammer problem :) > > > > Sorry for the OT, I find PAKE very useful and we have a draft[1] to get > > a variant (SPAKE) in the Kerberos protocol. > > Do you have any reference to documents describing this "dislike" ? > > I'd like to know more about it. > > > Nope. I don’t share those opinions of PAKE, regardless; but I do agree > that it’s a solution to a very specific problem. If you want a > reasonable way to go from a low-entropy shared secret to a > high-entropy one, then you probably want SPAKE2.
Yes, we are using SPAKE2, thanks. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
