Re: [CFRG] Last call for draft-irtf-cfrg-vrf-09

Leonid Reyzin <reyzin@cs.bu.edu> Sun, 30 January 2022 02:10 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/3qiCNBa0aQJXo9G9sFwQSSg23Mo>

Dear CFRG,

We have completed the work of responding to comments. Here's the final set
of changes based on comments we received. We will be posting an updated
version of the draft shortly on datatracker.

1) We renamed hash-to-curve to encode-to-curve, to be consistent with the
terminology in the hash-to-curve draft. See
[this commit](https://github.com/cfrg/draft-irtf-cfrg-vrf/commit/1b1cd9a0f5809723b508bd9d73e61783d3718051).

2) We made the draft more flexible with respect to the hash salt. Our hash
salt for the existing ciphersuites remains the public key. However, we now
allow the possibility that additional future ciphersuites will define a
different hash salt. This feature is useful when multiple public keys want
to share the same salt in order to make sure the same inputs hash to the
same outputs for multiple public keys, which can facilitate higher-level
protocols built on top of the VRF. This change required adding the public
key as input to the ECVRF_challenge_generation (in case it is not a salt in
hash-to-curve) and thus also changed portions of the test vectors. This
change is in
[this pull request](https://github.com/cfrg/draft-irtf-cfrg-vrf/pull/4).

Cryptographically yours,

 Leo


On Wed, Jan 26, 2022 at 9:28 AM Leonid Reyzin <reyzin@cs.bu.edu> wrote:

> Thank you, CFRG chairs!
>
> We accepted this PR.
>
> There are still a few outstanding comments we are fixing. We will complete
> this work shortly, respond to the comments on this list, and submit a new
> version.
>
> Best,
>
>  Leo
>
>
> On Tue, Jan 25, 2022 at 10:49 AM Nick Sullivan <nick@cloudflare.com>
> wrote:
>
>> Dear CFRG,
>>
>> Thank you for all the reviews and comments on this draft. The last call
>> was successful and the draft will be moved forward towards publication.
>>
>> Authors, please review the final PR and submit a new version of the
>> draft.
>> https://github.com/cfrg/draft-irtf-cfrg-vrf/pull/3
>>
>> Nick (for the chairs)
>>
>>
>> On Tue, Nov 16, 2021 at 9:38 PM Leonid Reyzin <reyzin@cs.bu.edu> wrote:
>>
>>>
>>> Thanks to everyone who chimed in on the last call. Particular thanks to
>>> Chris Peikert, Jiayu Xu, Riad Wahby, Chris Wood, Burt Kaliski, Antonio
>>> Marcedone, and Brian Chen for the detailed reading and comments! We have
>>> responded to some comments already; we will work through the rest and
>>> produce an updated draft shortly.
>>>
>>> Best,
>>>
>>>  Leo
>>>
>>>
>>>
>>> On Mon, Oct 25, 2021 at 3:11 PM Nick Sullivan <nick=40cloudflare.com@dmarc.ietf.org> wrote:
>>>
>>>> Dear CFRG participants,
>>>>
>>>> The VRF draft has received significant reviews from the RG and the
>>>> crypto panel and is ready for a second last call. This email commences a
>>>> last call for this document that will end on the last day of IETF 112
>>>> Online (12 Nov 2021):
>>>>
>>>> https://datatracker.ietf.org/doc/draft-irtf-cfrg-vrf/
>>>>
>>>> If you've read the document by the end of this period and think that it
>>>> is ready (or not ready) for publication as an RFC, please send a message in
>>>> reply to this email. Detailed comments would be helpful. You can reach out
>>>> directly to CFRG chairs (cfrg-chairs@ietf.org) if you have questions
>>>> about the process.
>>>>
>>>> Thank you,
>>>> Nick, Stanislav & Alexey
>>>> _______________________________________________
>>>> CFRG mailing list
>>>> CFRG@irtf.org
>>>> https://www.irtf.org/mailman/listinfo/cfrg
>>>>
>>>
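
Added example, not part of the thread or of the draft's own code: a hash-level model of item 2 in the top message, showing why the public key has to enter ECVRF_challenge_generation once the encode-to-curve salt is no longer the public key. The byte layout (suite string 0x03, separators 0x01/0x02/0x00, 16-byte challenge) is modelled on the edwards25519 try-and-increment suite and is an assumption here; all point strings are constructed stand-ins, and `challenge_for` and `key_is_bound` are hypothetical helper names.

```python
import hashlib

SUITE = b"\x03"  # assumed suite_string (edwards25519, SHA-512, try-and-increment)
C_LEN = 16       # assumed challenge length in bytes


def encode_to_curve_hash(salt: bytes, alpha: bytes, ctr: int = 0) -> bytes:
    """Hash stage of try-and-increment encode-to-curve (point decoding omitted)."""
    data = SUITE + b"\x01" + salt + alpha + bytes([ctr]) + b"\x00"
    return hashlib.sha512(data).digest()[:32]


def challenge(point_strings: list) -> int:
    """Hash already-encoded points into a C_LEN-byte challenge integer."""
    data = SUITE + b"\x02" + b"".join(point_strings) + b"\x00"
    return int.from_bytes(hashlib.sha512(data).digest()[:C_LEN], "little")


# Constructed stand-ins, not valid curve points. Gamma, U and V are held fixed
# so that only the inputs under study vary; in a real proof they depend on the
# secret key.
PK_A, PK_B = b"\xa1" * 32, b"\xb2" * 32
GAMMA, U, V = b"\x11" * 32, b"\x22" * 32, b"\x33" * 32
SHARED_SALT = b"constructed-shared-salt"


def challenge_for(pk: bytes, salt: bytes, alpha: bytes, include_pk: bool) -> int:
    """Challenge over (H, Gamma, U, V), optionally prefixed with the public key."""
    h = encode_to_curve_hash(salt, alpha)
    points = ([pk] if include_pk else []) + [h, GAMMA, U, V]
    return challenge(points)


def key_is_bound(shared_salt: bool, include_pk: bool,
                 alpha: bytes = b"sample input") -> bool:
    """True if swapping the public key changes the challenge."""
    salt_a = SHARED_SALT if shared_salt else PK_A
    salt_b = SHARED_SALT if shared_salt else PK_B
    return (challenge_for(PK_A, salt_a, alpha, include_pk)
            != challenge_for(PK_B, salt_b, alpha, include_pk))


if __name__ == "__main__":
    for shared in (False, True):
        for with_pk in (False, True):
            print(f"shared_salt={shared!s:5} include_pk={with_pk!s:5} "
                  f"-> key bound: {key_is_bound(shared, with_pk)}")
```

With the public key as salt, H already commits to the key, so the challenge does too; with a shared salt, only the variant that hashes the public key explicitly still depends on it.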