[Cfrg] Change of point formats
Watson Ladd <watsonbladd@gmail.com> Thu, 23 January 2014 06:56 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 695F01A0279 for <cfrg@ietfa.amsl.com>; Wed, 22 Jan 2014 22:56:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XTDaT0sogPuY for <cfrg@ietfa.amsl.com>; Wed, 22 Jan 2014 22:56:21 -0800 (PST)
Received: from mail-wi0-x233.google.com (mail-wi0-x233.google.com [IPv6:2a00:1450:400c:c05::233]) by ietfa.amsl.com (Postfix) with ESMTP id 6FC8A1A0266 for <cfrg@irtf.org>; Wed, 22 Jan 2014 22:56:21 -0800 (PST)
Received: by mail-wi0-f179.google.com with SMTP id hr1so1426476wib.0 for <cfrg@irtf.org>; Wed, 22 Jan 2014 22:56:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=6PitWngtkiXH0fRjPSp3UsKdkTQHl4oJqvmeBoXqJBI=; b=yCmX+PUnvvlZBBy1twRnUmkbd47w83YuihA8b/kH6/yFE6UCxkGia9Vsp/Tlf936CP XQBXbkhwNLsCGANiHF0qAW1t5ojtlN0Bt8s+LbV4dC34k4u1Hrtzz7pfkEFeNNfm4lKy FU00nOkcB21Iri5wqr9SSTBkqkHwbOhAXwOgpUbhATDBxPOhxDBVfe11GG8Ua/5m/xCC mC4VJHC+hYhfJZFkT9Fb9kaZRCs+U8ueEyT/5TR9Kyr9Qzd1MxJzOO5fkQzHW4cuhyXE p3ELWi4HYBJjTOjbvhFajCJ17hZmcECD1lqKh2Y3VTNpqUjIuncZwCoDzmfkfS9Z7okt DTTw==
MIME-Version: 1.0
X-Received: by 10.194.119.168 with SMTP id kv8mr5160561wjb.41.1390460180222; Wed, 22 Jan 2014 22:56:20 -0800 (PST)
Received: by 10.194.250.101 with HTTP; Wed, 22 Jan 2014 22:56:20 -0800 (PST)
Date: Wed, 22 Jan 2014 22:56:20 -0800
Message-ID: <CACsn0cme1zn9ntHOOseF+be+LyvbwCRFu6Cbv2XmVmtN-k4cZQ@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Content-Type: text/plain; charset="UTF-8"
Subject: [Cfrg] Change of point formats
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Jan 2014 06:56:23 -0000
Dear all, After thinking about it for a while, I discovered an argument that changed my opinion about point formats. Robert Ransom's suggestion to use a sign for an Edwards x and send the body of a Montgomery x is much better then it looks like at first. The argument is as follows: right now the proposed format forces a protocol to decide whether a point will be used in addition or not. For most applications this is perfectly fine, and the efficiency considerations mitigate against Robert Ransom's proposal. But there is one application for which this is not ideal: Tor. The Tor developers would love to smuggle in a point that can be added in the place where one that cannot lives. Add to it the possibility of using one implementation for everything, and I see a lot of value in this idea. Supporting this proposal involves some dramatic changes to the draft. For one thing Montgomery form with reciprocals of small integers will have to be introduced. Several curves (and I don't know which yet) will have to vanish because they are not amenable to this trick. I'm also considering adding the Elligator map, given its usefulness when uniform representations are required. Anyway, several more days, possibly even a few weekends before the next version comes out. Sincerely, Watson Ladd
- [Cfrg] Change of point formats Watson Ladd