Re: [Cfrg] BLS Signature for X.509

Dan Brown <danibrown@blackberry.com> Wed, 05 October 2016 18:19 UTC

Return-Path: <danibrown@blackberry.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68B7F1293F8 for <cfrg@ietfa.amsl.com>; Wed, 5 Oct 2016 11:19:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.596
X-Spam-Level:
X-Spam-Status: No, score=-5.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-2.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OCOysMwzMcu9 for <cfrg@ietfa.amsl.com>; Wed, 5 Oct 2016 11:19:03 -0700 (PDT)
Received: from smtp-p02.blackberry.com (smtp-p02.blackberry.com [208.65.78.89]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 13B081293E4 for <cfrg@irtf.org>; Wed, 5 Oct 2016 11:19:02 -0700 (PDT)
Received: from xct108cnc.rim.net ([10.65.161.208]) by mhs215cnc.rim.net with ESMTP/TLS/DHE-RSA-AES256-SHA; 05 Oct 2016 17:47:45 -0400
Received: from XMB116CNC.rim.net ([fe80::45d:f4fe:6277:5d1b]) by XCT108CNC.rim.net ([fe80::8dc1:9551:6ed8:c618%17]) with mapi id 14.03.0210.002; Wed, 5 Oct 2016 14:18:56 -0400
From: Dan Brown <danibrown@blackberry.com>
To: 'Paul Grubbs' <pag225@CORNELL.EDU>, Antonio Sanso <asanso@adobe.com>
Thread-Topic: [Cfrg] BLS Signature for X.509
Thread-Index: AQHSGufpbY1YYOxHykaegiXLdxYgpKCX1qkAgADnsICAAR9VgIAAkh6A//+/ZKA=
Date: Wed, 5 Oct 2016 18:18:55 +0000
Message-ID: <810C31990B57ED40B2062BA10D43FBF501036BBF@XMB116CNC.rim.net>
References: <9E7BD18D-496F-4F93-9DC6-EC49B56825D2@adobe.com> <00F862CA-EBC6-43C5-B3E1-9EEC3BB01A81@adobe.com> <CAKDPBw8Em9Wp=+e9ML2Uqki65bOXzT_UEqK8_xp_W8xMypN=uw@mail.gmail.com> <D94DA7EC-8C8F-4B00-BE42-022CCA3A6E1A@adobe.com> <CAKDPBw9=5T9CefNquaK_FP5-yTyt-o+1XWOaUtqtnXUmDz1PnQ@mail.gmail.com>
In-Reply-To: <CAKDPBw9=5T9CefNquaK_FP5-yTyt-o+1XWOaUtqtnXUmDz1PnQ@mail.gmail.com>
Accept-Language: en-US, en-CA
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.65.160.248]
Content-Type: multipart/alternative; boundary="_000_810C31990B57ED40B2062BA10D43FBF501036BBFXMB116CNCrimnet_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/8mPvkcIdudZrWmub8PRdXj_lloI>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] BLS Signature for X.509
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Oct 2016 18:19:05 -0000

Hi Antonio,

Can you briefly expand on the advantages of BLS, especially the aggregation of chains [citing also a reference]?  How well are these advantages aligned with IETF needs?  At the moment, I’m a little skeptical that the benefits (smaller chains?) outweigh the risks (relying on pairing-groups), but I could be wrong.

Just to be clear, although BLS uses pairing-groups, it does not have any escrow worries (unlike IBE etc.), or am I badly mistaken?

Is BLS standardized elsewhere (ISO, IEEE 1363*, etc.)?

In any event, you could prepare an individual I-D to propose BLS to IETF, although I do not how much it would be accepted.

Pairing-groups have been proposed for in use IETF before:
https://datatracker.ietf.org/doc/draft-budronimccusker-milagrotls/
https://datatracker.ietf.org/doc/rfc6508/
https://datatracker.ietf.org/doc/rfc6509/

Best regards,

Dan


From: Cfrg [mailto:cfrg-bounces@irtf.org] On Behalf Of Paul Grubbs
Sent: Wednesday, October 05, 2016 1:53 PM
To: Antonio Sanso <asanso@adobe.com>
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] BLS Signature for X.509

The IETF does play an important role in the process, but most people (at least in the US) won't consider anything in crypto 'standardized' unless it involves NIST.

On Wed, Oct 5, 2016 at 5:09 AM, Antonio Sanso <asanso@adobe.com<mailto:asanso@adobe.com>> wrote:
hi Paul,

thanks. Isn’t where this group can help though (namely standardization) ?

regards

antonio

On Oct 4, 2016, at 6:01 PM, Paul Grubbs <pag225@cornell.edu<mailto:pag225@cornell.edu>> wrote:


BLS signatures would be nice for many reasons. The lack of standardized pairing groups makes it a little difficult from a deployability perspective, I think.

On Tue, Oct 4, 2016 at 2:12 AM, Antonio Sanso <asanso@adobe.com<mailto:asanso@adobe.com>> wrote:
anyome :S ?

On Sep 30, 2016, at 8:57 AM, Antonio Sanso <asanso@adobe.com<mailto:asanso@adobe.com>> wrote:

> hi *,
>
> sorry for the noise.
> I was wondering if it was already discussed the idea to use BSL Signature for X.509.
> AFAIK this will avoid certificate chains thanks to the signature aggregation property…
> If this was already discussed I apologize.
> If not WDYT about this?
>
> regards
>
> antonio
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org<mailto:Cfrg@irtf.org>
> https://www.irtf.org/mailman/listinfo/cfrg

_______________________________________________
Cfrg mailing list
Cfrg@irtf.org<mailto:Cfrg@irtf.org>
https://www.irtf.org/mailman/listinfo/cfrg