[Cryptography-dev] "intrinsic" symmetric key identifier?
lvh
_ at lvh.io
Thu Jul 7 08:36:12 EDT 2016
> On Jul 7, 2016, at 7:22 AM, Simo Sorce <simo at redhat.com> wrote:
> On Wed, 2016-07-06 at 17:20 -0500, Laurens Van Houtven wrote:
>>
>> Right. The reason I'm being so persistent is similar to why a lot of
>> cryptographers dislike PAKE -- it's not that it's bad or hard to do --
>> it just seems like a weird problem to have. To quote Glyph, it sounded
>> a bit like a jackhammer problem :)
>
> Sorry for the OT, I find PAKE very useful and we have a draft[1] to get
> a variant (SPAKE) in the Kerberos protocol.
> Do you have any reference to documents describing this "dislike" ?
> I'd like to know more about it.
Nope. I don’t share those opinions of PAKE, regardless; but I do agree that it’s a solution to a very specific problem. If you want a reasonable way to go from a low-entropy shared secret to a high-entropy one, then you probably want SPAKE2.
lvh
More information about the Cryptography-dev
mailing list