Re: [Cfrg] Meeting notes

Derek Atkins <derek@ihtfp.com> Wed, 01 April 2015 20:24 UTC

From: Derek Atkins <derek@ihtfp.com>
To: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
References: <CAHOTMVKUyNsA7ux4epk8LwR0w0Eh7dh0G3xTXB3O9m8jQPS3EQ@mail.gmail.com> <0C65868C-1725-4B32-A562-62C9DF36A956@gmail.com> <c65696d44c65b12478532bcb01fb2ef3.squirrel@mail2.ihtfp.org> <94D99ECB-98CA-4D25-897D-BA4BA8178409@gmail.com> <87y4mhtf5a.fsf@alice.fifthhorseman.net> <F7CF0AB9-4F3E-4FD4-B4D2-2F5172CB4BF2@gmail.com> <20150330104505.GA11195@LK-Perkele-VII>
Date: Wed, 01 Apr 2015 16:24:52 -0400
In-Reply-To: <20150330104505.GA11195@LK-Perkele-VII> (Ilari Liusvaara's message of "Mon, 30 Mar 2015 13:45:05 +0300")
Message-ID: <sjm1tk3lhpn.fsf@securerf.ihtfp.org>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/FfD5iXTWvMsx0-1mcHPR531v2W4>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Meeting notes
List-Id: Crypto Forum Research Group <cfrg.irtf.org>

Ilari Liusvaara <ilari.liusvaara@elisanet.fi> writes:

> I haven't really looked, but on surface the algorithm doesn't look to
> be friendly for constant-time implementation. Matrix row or column
> swaps are involved?

No, it does not involve row or column swaps.

> So constant-time implementation would likely be a lot slower (it could
> still be much faster than ECC).

It's actually not slower; indeed, our current implementations (both in
software and hardware) are constant time.

> Modern CPUs and OSes are pretty ridiculously vulnerable to timing
> attacks. Even across VMs.
>
>
> Another advantage: It uses medium primes, which are much
> easier to work with than large primes (one can't use medium primes
> with ECC due to weak fields). For CPU work, 2^31-1 looks to be a pretty
> convenient prime.

-derek
-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant
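The constant-time question in the exchange above, as an added example that is not code from either poster and not the scheme under discussion (which the page does not name): branch-free reduction modulo the medium prime 2^31-1 that Ilari mentions, a matrix product over that field whose arithmetic and memory-access pattern do not depend on the entry values, and a masked conditional row swap of the kind a scheme would need if it did rely on swaps (Derek says this one does not). The dimension N, the function names and the self-check inputs are assumptions for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example: not code from either poster nor from the scheme the thread
 * discusses. N, the function names and the self-check inputs are assumed. */

#define P31 0x7FFFFFFFu   /* the Mersenne prime 2^31 - 1 */
#define N   3             /* assumed matrix dimension */

/* Reduce any 64-bit value modulo 2^31 - 1 with no data-dependent branch.
 * Since 2^31 == 1 (mod p), x = hi * 2^31 + lo == hi + lo (mod p); two rounds
 * bring x below 2^31 + 8, and a mask (not an if) does the final subtraction
 * so the result is canonical in [0, p). */
uint32_t red31(uint64_t x)
{
    x = (x >> 31) + (x & P31);          /* now x < 2^34 */
    x = (x >> 31) + (x & P31);          /* now x < 2^31 + 8 */
    uint32_t y = (uint32_t)x;
    uint32_t t = y - P31;               /* top bit set iff y < p (wrapped) */
    uint32_t keep_y = 0u - (t >> 31);   /* 0xFFFFFFFF iff y < p, else 0 */
    return (keep_y & y) | (~keep_y & t);
}

uint32_t mulmod31(uint32_t a, uint32_t b)
{
    return red31((uint64_t)a * b);
}

/* c = a * b over GF(2^31 - 1). Loop bounds, memory accesses and the
 * arithmetic above are all independent of the entry values. */
void matmul31(uint32_t c[N][N], const uint32_t a[N][N], const uint32_t b[N][N])
{
    for (size_t i = 0; i < N; i++) {
        for (size_t j = 0; j < N; j++) {
            uint64_t acc = 0;                   /* at most N * 2^31: no overflow */
            for (size_t k = 0; k < N; k++)
                acc += mulmod31(a[i][k], b[k][j]);
            c[i][j] = red31(acc);
        }
    }
}

/* Exchange rows i and j iff swap == 1 (swap must be 0 or 1). Both rows are
 * read and written whatever swap is, so neither timing nor the cache
 * footprint depends on the secret choice. */
void ct_cswap_rows(uint32_t m[N][N], size_t i, size_t j, uint32_t swap)
{
    uint32_t mask = 0u - swap;          /* 0x00000000 or 0xFFFFFFFF */
    for (size_t k = 0; k < N; k++) {
        uint32_t d = (m[i][k] ^ m[j][k]) & mask;
        m[i][k] ^= d;
        m[j][k] ^= d;
    }
}

/* Check red31 against the compiler's % on constructed edge cases (the % is
 * a test oracle only; hardware division is not constant time). */
int red31_selfcheck(void)
{
    const uint64_t cases[] = {
        0, 1, P31 - 1, P31, P31 + 1, (uint64_t)P31 * P31,
        (uint64_t)1 << 31, (uint64_t)1 << 62, UINT64_MAX
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        if (red31(cases[i]) != (uint32_t)(cases[i] % P31))
            return 0;
    return 1;
}

/* Check the matrix routines on constructed inputs; returns 1 on success. */
int matrix_selfcheck(void)
{
    uint32_t a[N][N], b[N][N], c[N][N];
    for (size_t i = 0; i < N; i++)
        for (size_t j = 0; j < N; j++)
            a[i][j] = b[i][j] = P31 - 1;    /* every entry is -1 mod p */
    matmul31(c, a, b);                      /* each entry: N products (-1)(-1), i.e. N */
    for (size_t i = 0; i < N; i++)
        for (size_t j = 0; j < N; j++)
            if (c[i][j] != N)
                return 0;

    uint32_t m[N][N] = {{1, 2, 3}, {4, 5, 6}, {7, 8, 9}};
    ct_cswap_rows(m, 0, 2, 0);              /* no-op, but the same work is done */
    if (m[0][0] != 1 || m[2][0] != 7)
        return 0;
    ct_cswap_rows(m, 0, 2, 1);              /* rows 0 and 2 exchanged */
    return m[0][0] == 7 && m[0][2] == 9 && m[2][0] == 1 && m[1][1] == 5;
}

int main(void)
{
    printf("red31 self-check:  %s\n", red31_selfcheck() ? "ok" : "FAIL");
    printf("matrix self-check: %s\n", matrix_selfcheck() ? "ok" : "FAIL");
    return 0;
}
```

The masks are only constant time if the compiler keeps them as arithmetic; an optimizer is free to turn `(keep_y & y) | (~keep_y & t)` back into a conditional branch, so a production build still needs the generated assembly inspected (or a barrier such as an empty `asm volatile` on the mask). The `%` in `red31_selfcheck` is deliberately confined to the test oracle for the same reason: integer division has operand-dependent latency on most CPUs.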