Re: [Cfrg] Call for adoption: draft-hdevalence-cfrg-ristretto-01

"Filippo Valsorda" <filippo@ml.filippo.io> Thu, 19 September 2019 11:45 UTC

Date: Thu, 19 Sep 2019 13:44:22 +0200
From: Filippo Valsorda <filippo@ml.filippo.io>
To: cfrg@irtf.org
Cc: draft-hdevalence-cfrg-ristretto.authors@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/3RRpX9hME5ErtAzCoVgzUoP27Ys>
Subject: Re: [Cfrg] Call for adoption: draft-hdevalence-cfrg-ristretto-01

2019-09-19 00:36 GMT+02:00 Christopher Wood <caw@heapingbits.net>:
> I'm in favor of adoption as well, though am curious to know where folks 
> stand on the issues discussed in [1] and earlier messages. What is the 
> plan for reconciling this with the hash-to-curve draft? Of the three 
> options Filippo outlines in [2], the third seems the most appealing and 
> probably the most workable, though does muddy the "curve" focus of 
> hash-to-curve.
> 
> Best,
> Chris
> 
> [1] https://mailarchive.ietf.org/arch/msg/cfrg/w91AdGVdLWccafiPub862MObk5c
> [2] https://mailarchive.ietf.org/arch/msg/cfrg/p_r53FtGcaNSB_HwIV0J9FSgYbg

We plan to prepare -02 to address all the unclear parts that emerged
from the discussion on this list. The reason it's taking longer
than we'd like is that we want to simultaneously port one of the
implementations to a different curve, so we can have more concrete
discussions.

As for hash-to-curve, we agree that invoking FROM_UNIFORM_BYTES
from hash-to-curve is the best way forward. It preserves the API
abstraction and avoids leaking Ristretto internal representatives into
the hash-to-curve spec and its implementations, while still leaving
hash-to-curve in charge of domain separation and everything else.

Thank you,
Filippo