Re: [Cfrg] Task looming over the CFRG

Johannes Merkle <johannes.merkle@secunet.com> Tue, 06 May 2014 12:47 UTC

To: Watson Ladd <watsonbladd@gmail.com>, "Igoe, Kevin M." <kmigoe@nsa.gov>
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/7UGBHI6sjLTQBKuRQmdkS_WLHGc
Cc: "cfrg@irtf.org" <cfrg@irtf.org>

Watson,

> Digital signatures are a bit hairy because of the issue of certs: you
> end up needing to support more curves than you would think you would
> going in. But yes, we should discuss adopting more Schnorr-like
> mechanisms than ECDSA: the patents that forced ECDSA to look the way
> it did are long gone. However, that's not what the current TLS draft
> is about: it's purely addressing key exchange. Certificate changes
> will be a bit more work.
> 
While I agree that Schnorr-like signatures (potentially deterministic) have slight advantages over ECDSA, the discussion
on the signature scheme is a different topic, isn't it? Most ECDSA implementations could be easily adapted to twisted
Edwards curves (or any other elliptic curve representations for that matter) by exchanging the underlying curve
arithmetic, without any change in the code implementing the signature algorithm.

I am not even sure if using ECDSA over twisted Edwards curves requires new signature algorithm OIDs and ASN.1 syntax.
The signature consists of two integers r and s; only the public key and the curve parameters need to be re-interpreted.

-- 
Johannes
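
The point above about swapping only the curve arithmetic, as an added sketch (not part of the original message, and not code from any implementation it refers to): textbook ECDSA with SHA-256 written once against an `add` interface and run over NIST P-256 (short Weierstrass) and edwards25519 (twisted Edwards). The class and function names are illustrative, the affine arithmetic is not constant-time, and taking r from the Edwards x-coordinate is an assumption of this sketch, not a standardized encoding.

```python
import hashlib, secrets
class Weierstrass:                      # y^2 = x^3 + a*x + b; the addition law never needs b
    O = None                            # identity: point at infinity
    def __init__(self, p, a, G, n): self.p, self.a, self.G, self.n = p, a, G, n
    def add(self, P, Q):
        if P is None or Q is None: return Q if P is None else P
        (x1, y1), (x2, y2), p = P, Q, self.p
        if x1 == x2 and (y1 + y2) % p == 0: return None      # P + (-P)
        num, den = (3*x1*x1 + self.a, 2*y1) if P == Q else (y2 - y1, x2 - x1)
        lam = num * pow(den % p, -1, p) % p
        x3 = (lam*lam - x1 - x2) % p
        return x3, (lam*(x1 - x3) - y1) % p

class TwistedEdwards:                   # a*x^2 + y^2 = 1 + d*x^2*y^2 over GF(p)
    O = (0, 1)                          # identity is an ordinary affine point
    def __init__(self, p, a, d, G, n): self.p, self.a, self.d, self.G, self.n = p, a, d, G, n
    def add(self, P, Q):                # one formula covers addition and doubling
        (x1, y1), (x2, y2), p = P, Q, self.p
        t = self.d * x1 * x2 * y1 * y2 % p
        return ((x1*y2 + y1*x2) * pow((1 + t) % p, -1, p) % p,
                (y1*y2 - self.a*x1*x2) * pow((1 - t) % p, -1, p) % p)

def mul(C, k, P):                       # double-and-add, touching the curve only via C.add
    R = C.O
    while k:
        if k & 1: R = C.add(R, P)
        P, k = C.add(P, P), k >> 1
    return R
def e(C, m):                            # leftmost bits of SHA-256(m), truncated to the size of n
    return int.from_bytes(hashlib.sha256(m).digest(), "big") >> max(0, 256 - C.n.bit_length())

def sign(C, d, m):                      # identical code for both curve models
    while True:
        k = secrets.randbelow(C.n - 1) + 1
        r = mul(C, k, C.G)[0] % C.n
        s = pow(k, -1, C.n) * (e(C, m) + r*d) % C.n
        if r and s: return r, s         # the signature is just two integers
def verify(C, Q, m, sig):
    (r, s), n = sig, C.n
    if not (0 < r < n and 0 < s < n): return False
    w = pow(s, -1, n)
    R = C.add(mul(C, e(C, m)*w % n, C.G), mul(C, r*w % n, Q))
    return R != C.O and R[0] % n == r

P256 = Weierstrass(2**256 - 2**224 + 2**192 + 2**96 - 1, -3,
    (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5),
    0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551)
ED25519 = TwistedEdwards(q := 2**255 - 19, -1, -121665 * pow(121666, -1, q) % q,
    (15112221349535400772501151409588531511454012693041857206046113283949847762202,
     4 * pow(5, -1, q) % q), 2**252 + 27742317777372353535851937790883648493)
```

`sign` and `verify` never inspect which class they were handed; the public key and the domain parameters carry the curve model, while the output stays a pair of integers below the group order.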