--- This message came from the IEEE 802.11 Working Group Reflector ---
Hello,

I have uploaded what I hope is the final version of 11-19/1173, now at r13. This includes a fix for how “val” is generated to produce PWE from the PT element, some crypto-agility to make stronger groups use stronger hash functions to do the calculations, and fixes to the test vectors. The test vectors have now been validated by 2 independent implementations so counting mine that generated them in the first place that means we have 3 independent implementations of this. A very nice showing!

As usual, comments/concerns/etc please post them to the list.

Regards,

Dan.

On 8/20/19, 9:16 PM, "Harkins, Daniel" <daniel.harkins@xxxxxxx> wrote:

OK, make that r11. I received comments on r9 and r10 and have addressed them in r11. This is the version I will be presenting tomorrow in the teleconference of the TGm ad hoc.

regards,

Dan.

On 8/17/19, 9:16 AM, "Harkins, Daniel" <daniel.harkins@xxxxxxx> wrote:

Hello,

I received a couple comments regarding typos in 11-19/1173r9 and have not gotten any more comments so I have uploaded r10 which only differs from r9 by corrected typos, the content is exactly the same.

regards,

Dan.

On 8/2/19, 11:02 AM, "Harkins, Daniel" <daniel.harkins@xxxxxxx> wrote:

Hello,

I have updated 11-19/1173 to do the "Simplified SWU" method of hashing to a curve. This supports all the curves possible with SAE and is more efficient than the previous version. It can be implemented in constant time which will mitigate the side channel and timing attacks described in the recent "Dragonblood" paper. In addition, it mitigates a group downgrade attack (also described in that paper).

https://mentor.ieee.org/802.11/dcn/19/11-19-1173-09-000m-pwe-in-constant-time.docx

Please take a look. I have implemented this so I know it works. The question is, though, is this specified in a clear enough way for others to implement?

regards,

Dan.

To unsubscribe from the STDS-802-11 list, click the following link:
https://listserv.ieee.org/cgi-bin/wa?SUBED1=STDS-802-11&A=1
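
The "Simplified SWU" map mentioned in the thread, as an added illustration that is not taken from 11-19/1173 or from the author's implementation: it follows the general formulation in RFC 9380 for NIST P-256 with Z = -10 and replaces each data-dependent branch with an arithmetic select. Assumptions: the function names are hypothetical, deriving u from a password is out of scope, and Python big-integer arithmetic is itself not constant time, so this shows only the branch-free structure.

```python
# Added example: Simplified SWU map onto NIST P-256 (general form per RFC 9380).
# Not the text or test vectors of 11-19/1173; names below are hypothetical.
P = 2**256 - 2**224 + 2**192 + 2**96 - 1          # field prime, P % 4 == 3
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
Z = P - 10                                        # non-square constant for P-256


def g(x):
    """Right-hand side of the curve equation y^2 = x^3 + A*x + B."""
    return (pow(x, 3, P) + A * x + B) % P


def select(cond, a, b):
    """Return a if cond == 1 else b, by arithmetic instead of a branch."""
    return (cond * a + (1 - cond) * b) % P


def is_square(v):
    """1 if v is zero or a quadratic residue mod P, else 0 (Euler's criterion)."""
    return int(pow(v, (P - 1) // 2, P) != P - 1)


def sswu(u):
    """Map any field element u to a curve point using one fixed operation sequence."""
    u %= P
    zu2 = Z * u * u % P
    tv1 = pow((zu2 * zu2 + zu2) % P, P - 2, P)    # inverse; 0 maps to 0
    x1_general = -B * pow(A, P - 2, P) * (1 + tv1) % P
    x1_special = B * pow(Z * A % P, P - 2, P) % P  # used only when tv1 == 0
    x1 = select(int(tv1 == 0), x1_special, x1_general)
    x2 = zu2 * x1 % P
    gx1, gx2 = g(x1), g(x2)                       # both candidates always computed
    sq = is_square(gx1)                           # exactly one of gx1, gx2 is square
    x = select(sq, x1, x2)
    y = pow(select(sq, gx1, gx2), (P + 1) // 4, P)  # square root since P % 4 == 3
    flip = (u ^ y) & 1                            # make parity of y match parity of u
    y = select(flip, P - y, y)
    return x, y


def on_curve(x, y):
    """True if (x, y) satisfies the P-256 curve equation."""
    return (y * y - g(x)) % P == 0
```

Unlike a hunting-and-pecking loop, every input costs the same number of field operations here, which is the property that removes the password-dependent timing signal.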