IETF Logo Mail Archive

Re: [Cfrg] Chopping out curves

Watson Ladd <watsonbladd@gmail.com> Fri, 17 January 2014 19:23 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1286E1A1F00 for <cfrg@ietfa.amsl.com>; Fri, 17 Jan 2014 11:23:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Level:
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ndGRpq-ndrVD for <cfrg@ietfa.amsl.com>; Fri, 17 Jan 2014 11:23:43 -0800 (PST)
Received: from mail-we0-x22d.google.com (mail-we0-x22d.google.com [IPv6:2a00:1450:400c:c03::22d]) by ietfa.amsl.com (Postfix) with ESMTP id 650ED1A802D for <cfrg@irtf.org>; Fri, 17 Jan 2014 11:23:43 -0800 (PST)
Received: by mail-we0-f173.google.com with SMTP id t60so4888927wes.4 for <cfrg@irtf.org>; Fri, 17 Jan 2014 11:23:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=I+q1sERc8b5NcUOqXpaZ3CiXn4PU26hsV8M1hyO6U3o=; b=FgHgrPLz9b/917aFe2Rz1ZOPTvXwMEUFVm/I75Z1GTL71HYXJkYpqU5O+bYskrQikT NKa0kzygjEhjeLGShC3DTcAt9r4xX0cfks5ytqKPpoE34IdmTCzaMa0kTkoxjKwgAg95 wBZQUqoKSPi4J3PYJbVrYAOsqN+iDarlsnLT/jkrEi6fxdzezm/k5JIle9mtWwlQGQ6p EYZ5cwgpQcVPBVTupEkL0SSBBxmugQqWH5TXZXEAozbIXH808G98w8+KcbX/21jxKNVm 03ANFKRAKCJvgXPzlgyTT5fmro4mgJn8azHtUv7D+GQbR5DwMrZKwr1oscopGAwHHzlK +3fg==
MIME-Version: 1.0
X-Received: by 10.194.175.66 with SMTP id by2mr3423208wjc.59.1389986610318; Fri, 17 Jan 2014 11:23:30 -0800 (PST)
Received: by 10.194.242.131 with HTTP; Fri, 17 Jan 2014 11:23:30 -0800 (PST)
In-Reply-To: <52D981D1.7090400@elzevir.fr>
References: <CACsn0cmJX2begH0q8vOUZhP2t3CFo_2Ad71Neke4EKejoYCPRg@mail.gmail.com> <CAGZ8ZG1qF4ba3ogjHQnMwgXV+0Fj7eR44QdvuSw3GYBvNVFZBA@mail.gmail.com> <c406386b6fc67d11332141423f2f0f40.squirrel@www.trepanning.net> <CACsn0c=Eh1J81JHq=u8WsTtVK4HAJDghyisTZnM6U61jdr2KUQ@mail.gmail.com> <20140117011414.GA3413@netbook.cypherspace.org> <20140117023629.GA4435@netbook.cypherspace.org> <52D8DEC1.9060805@akr.io> <20140117124159.GA9258@netbook.cypherspace.org> <3374f0a3-9998-44e9-a052-61a4a94fe00c@email.android.com> <CABqy+soq1uvuiMRyF2FVXZoQ1gpdiO92Gj9A+Ri5FQa=5yp3-w@mail.gmail.com> <52D97D44.6040401@akr.io> <CACsn0c=_k4yS7tQFjOtrGVSfUP3BDqpd6d0F9vJLU8uRA5Mm+A@mail.gmail.com> <52D981D1.7090400@elzevir.fr>
Date: Fri, 17 Jan 2014 11:23:30 -0800
Message-ID: <CACsn0cmM2Dd=MKZAtyoAj2_-aJrdYqnvxwohyy4KnwFQiW5xKw@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Chopping out curves
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Jan 2014 19:23:45 -0000

On Fri, Jan 17, 2014 at 11:17 AM, Manuel Pégourié-Gonnard
<mpg@elzevir.fr> wrote:
> On 17/01/2014 20:01, Watson Ladd wrote:
>> Okay. I'll follow the Ed25519 paper and call it te25519 and add the
>> paper as a reference.
>> Are rationals fine, or do people want me to write big numbers?
>
> I'm sorry, but I'd prefer big numbers (or best, both). Of course it's more work
> for you, but it's less for the readers. And since the document will hopefully be
> read more often than it is written... :)

Blegh. This is going to be one ugly looking equation. 4/5 and
-121665/121666 I can memorize.
Can't do the same with giant numbers. Okay, time to fire up PARI and
make the changes.

>
> Unrelated, but Alyssa wrote:
>>> • But if we call it 'Ed25519', people might confuse it with the whole
>>>   Ed25519 signature scheme.
>>>
> With all the respect I have for the great work done by Bernstein on this, I find
> it unfortunate that the same name is used for a curve, a particular protocol
> using this curve (and often even "the" implementation), causing some confusion.

I'm not sure this is correct. Bernstein's implementation today is the
donna implementation,
and tweetnacl has tweetnacl implementation of cuve25519. It's no worse
than BLAS, where
ATLAS, gotoBLAS, netlib BLAS, and Intel all provide implementations of BLAS.

> I'll be really glad if the I{R,E}TF encourages more distinct names for curves
> and protocols (and of course, many distinct interoperable implementations as usual).

ECDH on curve XXXX seems to be what people do when disambiguation is required.
>
> Manuel.
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> http://www.irtf.org/mailman/listinfo/cfrg



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin

v2.23.0 | Report a Bug | By Email