w3c / openscreenprotocol

Open Screen Protocol
https://www.w3.org/TR/openscreenprotocol/

[Meta] Track CFRG PAKE competition outcome #242

Open mfoltzgoogle opened 4 years ago

mfoltzgoogle commented 4 years ago

This issue is to track the CFRG PAKE selection process going on in the IETF. When that process completes, if they pick a PAKE other than SPAKE2, we should consider swapping out SPAKE2 if there are no implementations shipped yet.

https://github.com/cfrg/pake-selection

They aren't tracking progress in GitHub; instead, conversations are happening on the cfrg@ietf.org mailing list. I will set myself up to lurk there to monitor progress.

mfoltzgoogle commented 3 years ago

The IETF CFRG completed the second round of review of candidate PAKE algorithms in March of this year.

https://github.com/cfrg/pake-selection#reviews-by-crypto-review-panel-round-2

The panel of experts made the following recommendations:

We recommend the following two protocols to be selected as «recommended by the CFRG for usage in IETF protocols»: one balanced PAKE - CPace, and one augmented PAKE - OPAQUE.

https://mailarchive.ietf.org/arch/msg/cfrg/LKbwodpa5yXo6VuNDU66vt_Aca8/

CPace is being written up here:

https://datatracker.ietf.org/doc/draft-irtf-cfrg-cpace/

OPAQUE is being written up here:

https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque/

The next steps are to evaluate the assumptions and suitability of these two algorithms for our use case, and possibly follow up with the IETF draft author(s) with any questions or feedback.