Re: [Cfrg] 40 bit loop and DragonFly

Stephen Farrell <> Sun, 05 January 2014 10:34 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 155881ADF8C for <>; Sun, 5 Jan 2014 02:34:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.438
X-Spam-Status: No, score=-2.438 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.538] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6t15opfbGohy for <>; Sun, 5 Jan 2014 02:34:03 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id ECEA21ADF89 for <>; Sun, 5 Jan 2014 02:34:02 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 70613BE74; Sun, 5 Jan 2014 10:33:54 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 2nyxPWyGxegc; Sun, 5 Jan 2014 10:33:53 +0000 (GMT)
Received: from [] (unknown []) by (Postfix) with ESMTPSA id 03B8ABE6E; Sun, 5 Jan 2014 10:33:52 +0000 (GMT)
Message-ID: <>
Date: Sun, 05 Jan 2014 10:33:42 +0000
From: Stephen Farrell <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: "Igoe, Kevin M." <>, "''" <>
References: <>
In-Reply-To: <>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Cfrg] 40 bit loop and DragonFly
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 05 Jan 2014 10:34:07 -0000


On 01/05/2014 01:41 AM, Igoe, Kevin M. wrote:
> Potential IPR issues:
> Certicom has granted permission to the IETF to use the NIST curves, 
> and at least two of these, P256 and P384, have p = 3 mod 4.  

I'm not sure what exactly you mean there. From my POV, Certicom
have declared [1] that they consider that some of their IPR is somehow
required in order to implement the most excellent RFC 6090 [2] which
only references things published at least a year before Certicom's
first filing. I also seem to recall that some of their IPR
declarations do include restrictions on things like CAs issuing

So "granted permission" is not quite so clear. At least not
without either being a lawyer, or having whatever time machine
Certicom's lawyers seem to possess. I doubt we'll clarify the
IPR situation around ECC here, nor around PAKEs unfortunately.

But I think we can conclude that the Dragonfly goal of designing
around existing IPR remains a valid design goal. Whether or not
Dan has succeeded in that is another matter, participants who
care about IPR need to evaluate that for themselves.



> Not 
> being a patent lawyer, I have no idea what impact the Certicom patents 
> have on the use of newer families of curves, such as Edwards curves.  
> RFC 6090 outlines elliptic curve technology which predates the Certicom
> patents.