Re: [CFRG] guidance on using an Ed25519 keypair for x25519
Manu Sporny <msporny@digitalbazaar.com> Mon, 20 June 2022 23:44 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/0Hrrbwfs3DZky1zHMc8UXr-OKaw>
On 6/20/22 6:44 PM, Robert Moskowitz wrote:
> This seems to pop up in places, and I found:
>
> https://eprint.iacr.org/2021/509
>
> Is this covered in any IETF RFC? I am coming up empty; my search foo is
> weak....

We point to that document in the 'did:key' Decentralized Identifier Method
specification:

https://w3c-ccg.github.io/did-method-key/#derive-encryption-key-algorithm

At least one place it's being used, AFAICT, is the OSCORE work:

https://datatracker.ietf.org/doc/html/draft-ietf-core-oscore-groupcomm

Specifically, in Section 2.4: Pairwise Keys.

https://datatracker.ietf.org/doc/html/draft-ietf-core-oscore-groupcomm#section-2.4

You can find references to that document throughout the OSCORE specification.

Hope that helps.

On a related note, we've been told by security researchers that NIST is
unlikely to view such an operation as safe to use with US government systems,
even if the Thormarker proof is found to be valid, given the general policy
against key reuse at NIST. Has anyone else on here heard the same sort of
thing from NIST?

-- manu

--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/