Re: [Cfrg] big-endian short-Weierstrass please

Paul Hoffman <paul.hoffman@vpnc.org> Thu, 29 January 2015 20:02 UTC

To: "Blumenthal, Uri - 0558 - MITLL" <uri@ll.mit.edu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/B-YM_erhcQrEfbuE0sMQrF4occ8>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>

> On Jan 29, 2015, at 11:46 AM, Blumenthal, Uri - 0558 - MITLL <uri@ll.mit.edu> wrote:
> 
>> On Thu, Jan 29, 2015 at 12:50 PM, Watson Ladd <watsonbladd@gmail.com> wrote:
>>> > More importantly, I can't use your curves unless you can prove to me that they are secure. And the fact we are having trouble doing that in this group proves that it is not possible to achieve that in a protocol.
>>> We are not having trouble with that in this group. Nobody disputes that any of the proposed curves are secure, or the details of generation…
> No, in this group we don’t seem to be having trouble with that. But I’m sure NIST did not have any trouble with security of their selected curves. Likewise, BRAINPOOL didn’t seem to worry about security of theirs (ask Tanja, she was there :), DJB is certain of his curves, etc.
> 
> See my point?

No. Are you saying that you will only use curves that NIST says are secure? Or that somehow CFRG has to convince NIST?

> How would you convince others that BRAINPOOL might have had something up their collective sleeve, but you don’t?

That seems irrelevant. Some people will never be convinced of some things that most other people agree to.

--Paul Hoffman