Re: [Cfrg] wrt providing guidance to implementors (was: Safecurves v Brainpool / Rigid v Pseudorandom)

=JeffH <> Wed, 15 January 2014 22:14 UTC

Date: Wed, 15 Jan 2014 14:14:41 -0800
From: =JeffH <>
To: IRTF Crypto Forum Research Group <>
Subject: Re: [Cfrg] wrt providing guidance to implementors (was: Safecurves v Brainpool / Rigid v Pseudorandom)

Watson Ladd wondered..
> And what does it say
> about our implementors that they do not know the basics of the algorithms
> they are asked to implement?

unfortunately, there are many examples of implementors not exactly 
understanding the stuff they're implementing and/or lacking diligence in 
ensuring all the myriad parameters are set correctly & meaningfully, etc., etc.

Here's a recent survey wrt ECC in particular..

Bos, Joppe W., et al. "Elliptic Curve Cryptography in Practice." Microsoft 
Research. November (2013).

Thus, "implementation advice/guidance" is often an important part of 



ps: there's also this classic bare-fisted rant..

Mark Pilgrim: Why Specs Matter

[ unfortunately, itself is AWOL:

conclusion (reprinted without permission, sorry):

Why specs matter

If your spec isn’t good enough, morons have no chance of ever getting things
right. For everyone who complains that their software is broken, there will
be two assholes who claim that it’s not. The spec, whose primary purpose is
to arbitrate disputes between morons and assholes, will fail to resolve
anything, and the arguments will smolder for years.

If your spec is good enough, morons have a fighting chance of getting things
right the second time around, without being besieged by assholes.
Meanwhile, the assholes who have nothing better to do than look for
loopholes won’t find any, and they’ll eventually get bored and wander off in
search of someone else to harass.