Re: [Cfrg] On "non-NIST"
Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 28 February 2015 08:59 UTC
Paul Hoffman <paul.hoffman@vpnc.org> writes:

>The term "non-NIST" is predictive, and the crypto community kinda sucks at
>predictions. We have no idea what NIST will do in the future if a bunch of
>IETF WGs adopt specific elliptic curves that are not P256/P384.

Why is NIST seen as the ultimate arbiter of what's appropriate though? Look at what's happened with SHA-3, if you look at what independent standards efforts are going with it's pretty much anything but Keccak (Blake2 seems to be the most popular at the moment). So while NIST's idea of the next hash standard may be Keccak, the industry's one looks like being Blake2, or at least not Keccak.

It's a variation of the old "what if they had a war and no-one came", if NIST declares the standard to be X and no-one wants it then that's perfectly OK, the usual suspects who are in it for the USG handouts will do X (Suite B anyone?) and everyone else can ignore it and use the better alternative.

Peter.