ARM-software / psa-api

Documentation source and development of the PSA Certified API
https://arm-software.github.io/psa-api/

[v2] Define the SPAKE2+ algorithms #129

Closed athoelke closed 8 months ago

athoelke commented 10 months ago

This PR is a second draft of the complete SPAKE2+ API, incorporating the last remaining SPAKE2+ PR #119. The first draft is in PR #126.

None of the API elements have changed since the first draft. This one reorganises the documentation, and reworks the overview of the SPAKE2+ protocol. The first draft defined the SPAKE2+ algorithms (see https://github.com/ARM-software/psa-api/commit/701c9ecabbb234e3b83b606909d3dbad1c6403d2); the new updates are from https://github.com/ARM-software/psa-api/commit/3cf983f3e9e2ec98ab76224b92e61c3ddde0b787 onwards. The primary effects of the rework:

This permits a more consolidated structure for describing how to use the Crypto API for all of the phases of the SPAKE2+ protocol.

The result of the changes can be seen in this draft rendering: AES0058-PSA_Certified_Crypto_API-1.2_PAKE_Extension-bet.2-draft3-spake2plus.pdf

Out-dated draft: AES0058-PSA_Certified_Crypto_API-1.2_PAKE_Extension-bet.2-draft2-spake2plus.pdf

DO NOT MERGE

There remains one open issue in the preceding PR: verifying the table of KDF extraction lengths when deriving the SPAKE2+ keys.

athoelke commented 10 months ago

@silabs-Kusumit, @silabs-hannes, @oberon-sk, @yanesca: please continue review of SPAKE2+ here

athoelke commented 9 months ago

On the name of the algorithms... should we version the MATTER algorithm identifier, as in PSA_ALG_SPAKE2P_MATTER1 or PSA_ALG_SPAKE2P_MATTERV1?

I don't know if a future version of Matter might decide to update to the RFC definition of SPAKE2+, or use something else entirely. So we would end up with two different SPAKE2+ Matter algorithms.

yanesca commented 9 months ago

AES0058-PSA_Certified_Crypto_API-1.2_PAKE_Extension-bet.2-draft2-spake2plus.pdf

Doesn't seem to be the latest rendering. It still says "The current API proposal provides the general interface for PAKE algorithms, and the specific interface for J-PAKE." as opposed to the source which correctly mentions SPAKE2+ as well.

athoelke commented 9 months ago

> Doesn't seem to be the latest rendering. It still says "The current API proposal provides the general interface for PAKE algorithms, and the specific interface for J-PAKE." as opposed to the source which correctly mentions SPAKE2+ as well.

You are correct. I don't know if the document build had missed the last commit on Dec 1. There are a few follow-up edits now, so let me rebuild a v3 draft.

athoelke commented 9 months ago

Updated draft PDF now available: AES0058-PSA_Certified_Crypto_API-1.2_PAKE_Extension-bet.2-draft3-spake2plus.pdf

This adds the last three commits in this PR to the previous draft PDF.

silabs-Kusumit commented 9 months ago

I viewed the draft PDF and didn't find any issues. The values calculated for size of w0s and w1s in bytes are correct.

LGTM