Re: [Cfrg] Curve manipulation, revisited

Yoav Nir <ynir.ietf@gmail.com> Mon, 29 December 2014 20:08 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 848F61AC3AE for <cfrg@ietfa.amsl.com>; Mon, 29 Dec 2014 12:08:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BMlOwebaAzEO for <cfrg@ietfa.amsl.com>; Mon, 29 Dec 2014 12:08:57 -0800 (PST)
Received: from mail-we0-x22d.google.com (mail-we0-x22d.google.com [IPv6:2a00:1450:400c:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3948B1AC3B8 for <cfrg@irtf.org>; Mon, 29 Dec 2014 12:08:45 -0800 (PST)
Received: by mail-we0-f173.google.com with SMTP id q58so49427wes.18 for <cfrg@irtf.org>; Mon, 29 Dec 2014 12:08:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=p9sveX3EI1nNQLE0bDgKDnQNNsmgRCR661/Vzd8JamA=; b=C1nNkeKG1cTw0Evzj6eSCTI9663f6ftl1+TgxKL5jwrVMmAygBJYsyxGtuhbs0eOfn F6kmXeI8JnMrpqIKf+35X1TsQf6ZvfMiPJ6EHjADZbPT5JRzGL4YEwPJ92mCYo/tGJCh j1Y9K9mkuZluQYRum/3nouhaTIml8gJrsF7WEuwH+ZW4ZIl/R+QJDlRUMwanXOfKkzIj Qy6WA3ZccrtRAe1/35s/FzaLOjHm5c2TPiVMmARnwkQTKUuDe12s5XNv8EJGCs2vJaU8 o8kWvSSlQgiW78Q2y+KP/aewX9C2EcA2ojVcbKp6/bu40ySooWMQeYu5dQ4J5MCsB1O8 XXjg==
X-Received: by 10.195.13.104 with SMTP id ex8mr6892380wjd.12.1419883723848; Mon, 29 Dec 2014 12:08:43 -0800 (PST)
Received: from [192.168.1.104] (IGLD-84-228-227-214.inter.net.il. [84.228.227.214]) by mx.google.com with ESMTPSA id n5sm40746705wic.6.2014.12.29.12.08.42 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 29 Dec 2014 12:08:43 -0800 (PST)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C71D55236F10@USMBX1.msg.corp.akamai.com>
Date: Mon, 29 Dec 2014 22:08:41 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <A09FEC84-6EF1-4886-9D88-E737A0895738@gmail.com>
References: <CAMfhd9W684XMmXn3ueDmwrsQ_ZdiFG+VqYLxkvs7qDwiJdpk6w@mail.gmail.com> <1725646678.805875.1419539885135.JavaMail.yahoo@jws100115.mail.ne1.yahoo.com> <CAMfhd9Ua5fFZk46Xx1AN2VgyJ=Yng6fnO8aN-_ZfzXQn0Xbxhg@mail.gmail.com> <CA+Vbu7zqFcu8d1053mZ_eEm0q=np6T3snSQ4rfY0k1-4hBVDsA@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D55236DA1@USMBX1.msg.corp.akamai.com> <68DF78C2-9F4D-457C-A32E-88A58E74A371@gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D55236ECC@USMBX1.msg.corp.akamai.com> <A7D3783D-0159-486E-8136-63E90E20AC0B@gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D55236EE7@USMBX1.msg.corp.akamai.com> <CA+Vbu7yaJNgi0JkhyBG6YEoKy+r5BFm_HwjL94sgHHOM7i3zOw@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D55236F10@USMBX1.msg.corp.akamai.com>
To: Rich Salz <rsalz@akamai.com>
X-Mailer: Apple Mail (2.1993)
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/2CjogM5jG27yWojh3zmcad-8byw
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Curve manipulation, revisited
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 29 Dec 2014 20:08:59 -0000

> On Dec 29, 2014, at 9:53 PM, Salz, Rich <rsalz@akamai.com>; wrote:
> 
>> Not to get all Watson on you, but does that mean you don't have a strong opinion on the twisted Edwards form? 
> 
> I don't consider myself qualified enough to have an opinion worth stating.

Me neither, but I would like the CFRG to come up with a signature algorithm and compatible curves for TLS / IKE / SSH. Deployment will be far slower. We need CFRG to recommend before TLS specifies, and TLS will specify before the browsers implement, and the CAs won’t sign certificates with such keys before the vast majority of browsers support. This is not like a new ECDHE curve where anyone can add it to their implementation.

Yoav