Re: [Cfrg] Call for adoption: draft-hdevalence-cfrg-ristretto-01

Richard Barnes <rlb@ipv.sx> Wed, 18 September 2019 17:38 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/2q1fqvICNpUTecNauCwvJu0WfeI>

I am not in a position to evaluate the mathematics of this proposal, but
the idea of a curve that files down some of the unnecessary "sharp edges"
of Curve25519 is welcome.

As has been discussed previously on this list, it is helpful in some
contexts to have DH groups in which scalar multiplication commutes with the
private-to-public-key map, since this allows public keys to be transformed
in a way that the corresponding transformations on private keys are clear.
This is the case for the traditional NIST ECDH curves, but not for
Curve25519, due to the "clamping" it requires.  If I understand correctly,
Ristretto would have this property, and so would in some cases effectively
be a more useful version of Curve25519.

--RLB

On Wed, Sep 18, 2019 at 12:45 PM Alexey Melnikov <alexey.melnikov@isode.com>
wrote:

> Dear CFRG participants,
>
> This email commences a 2-week call for adoption for
> draft-hdevalence-cfrg-ristretto-01 that will end on October 2nd 2019:
>
>   https://datatracker.ietf.org/doc/draft-hdevalence-cfrg-ristretto/
>
> Please give your views on whether this document should be adopted as a
> CFRG draft, and if so, whether you'd be willing to help work on
> it/review it. Please reply to this email (or in exceptional
> circumstances you can email CFRG chairs directly at cfrg-chairs@ietf.org).
>
> Thank you,
> Alexey (for the chairs)
>
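The property discussed in the message above, as an added example that is not part of the original email: a tweak `t` applied to a public key should match the public key of the private scalar `t*sk mod L`. The unclamped Montgomery ladder on Curve25519's prime-order subgroup stands in here for a prime-order group (it is not an implementation of Ristretto); `transform_check`, `SK` and `T` are names and values constructed for this illustration.

```python
import hashlib

P = 2**255 - 19                                        # field prime
L = 2**252 + 27742317777372353535851937790883648493    # order of the prime-order subgroup
A24 = 121665                                           # ladder constant from RFC 7748
BASE_U = 9                                             # u-coordinate of the base point

def ladder(k: int, u: int) -> int:
    """RFC 7748 Montgomery ladder: u-coordinate of k*P, with no clamping (not constant time)."""
    x1, x2, z2, x3, z3, swap = u % P, 1, 0, u % P, 1, 0
    for t in reversed(range(255)):
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = (x3 - z3) * a % P, (x3 + z3) * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return x2 * pow(z2, P - 2, P) % P

def clamp(k: int) -> int:
    """RFC 7748 scalar decoding: clear bits 0-2 and bit 255, set bit 254."""
    return (k & ((1 << 254) - 8)) | (1 << 254)

def x25519(k: int, u: int) -> int:
    """X25519 as specified: the scalar is clamped before the ladder runs."""
    return ladder(clamp(k), u)

def transform_check(sk: int, t: int, scalarmult) -> bool:
    """True if tweaking the public key by t equals the public key of t*sk mod L."""
    pk = scalarmult(sk, BASE_U)
    from_public = scalarmult(t, pk)                  # party holding only pk
    from_private = scalarmult(t * sk % L, BASE_U)    # key owner derives sk' = t*sk mod L
    return from_public == from_private

# Constructed sample scalars (illustration only, not real keys).
SK = int.from_bytes(hashlib.sha256(b"constructed private key").digest(), "little") % L
T = int.from_bytes(hashlib.sha256(b"constructed tweak").digest(), "little") % L

if __name__ == "__main__":
    print("prime-order scalar mult commutes:", transform_check(SK, T, ladder))
    print("clamped X25519 commutes:         ", transform_check(SK, T, x25519))
```

With clamping, both the tweak and the derived private scalar are rewritten before use, so the two derivations land on different points.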