[Cfrg] Not the same thread -> was Re: Rerun: Elliptic Curves - preferred curves around 256bit work factor (ends on March 3rd)

Paul Lambert <paul@marvell.com> Wed, 25 February 2015 16:48 UTC

Return-Path: <paul@marvell.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D46511A1B66 for <cfrg@ietfa.amsl.com>; Wed, 25 Feb 2015 08:48:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.266
X-Spam-Level:
X-Spam-Status: No, score=-2.266 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v4C9vsyAaQZ8 for <cfrg@ietfa.amsl.com>; Wed, 25 Feb 2015 08:47:59 -0800 (PST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 497071A1A7F for <cfrg@irtf.org>; Wed, 25 Feb 2015 08:47:59 -0800 (PST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.14.5/8.14.5) with SMTP id t1PGj3Sk007597; Wed, 25 Feb 2015 08:47:51 -0800
Received: from sc-owa.marvell.com ([199.233.58.135]) by mx0b-0016f401.pphosted.com with ESMTP id 1srpgjccyh-1 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 25 Feb 2015 08:47:50 -0800
Received: from SC-vEXCH2.marvell.com ([10.93.76.134]) by SC-OWA.marvell.com ([::1]) with mapi; Wed, 25 Feb 2015 08:47:49 -0800
From: Paul Lambert <paul@marvell.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Wed, 25 Feb 2015 08:47:48 -0800
Thread-Topic: Not the same thread -> was Re: [Cfrg] Rerun: Elliptic Curves - preferred curves around 256bit work factor (ends on March 3rd)
Thread-Index: AdBRGsmqlSbGbf3JQeSsaPUwMSJXJw==
Message-ID: <D1133BAF.5C3D2%paul@marvell.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.8.150116
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_D1133BAF5C3D2paulmarvellcom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.13.68, 1.0.33, 0.0.0000 definitions=2015-02-25_06:2015-02-25,2015-02-25,1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1502250173
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/GtHOw27-5FTRgwV6FKx6utW4dbY>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: [Cfrg] Not the same thread -> was Re: Rerun: Elliptic Curves - preferred curves around 256bit work factor (ends on March 3rd)
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Feb 2015 16:48:01 -0000

Could we please get some discipline on this list to not pollute conversation threads – especially well formed threads asking for poll with random questions, comments and rants.

Paul


From: Phillip Hallam-Baker <phill@hallambaker.com<mailto:phill@hallambaker.com>>
Date: Wednesday, February 25, 2015 at 8:22 AM
To: Stephen Farrell <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>>
Cc: "cfrg@irtf.org<mailto:cfrg@irtf.org>" <cfrg@irtf.org<mailto:cfrg@irtf.org>>
Subject: Re: [Cfrg] Rerun: Elliptic Curves - preferred curves around 256bit work factor (ends on March 3rd)

Do we have figures for performance of these versus RSA2048?

Yes, we get a reversal of the public/private speed advantage on signature. And that in itself is a huge win on the server side

RSA signature verification takes 0.16 ms on a reasonably current machine (signature is 6ms)

http://www.cryptopp.com/benchmarks.html

How much faster/slower one curve is over another matters much less to me than whether the curve is faster or slower than what I am already using. I am not going to be using P521 or P448 curves on a constrained device, I will go for P255.

If we had figures comparing the curve candidates to RSA it would probably be illuminating.