Re: [Cfrg] New names for draft-ladd-safecurves

Watson Ladd <> Wed, 22 January 2014 16:10 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 37F7A1A0465 for <>; Wed, 22 Jan 2014 08:10:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id PBgJ-CZKpSxd for <>; Wed, 22 Jan 2014 08:10:43 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c05::22c]) by (Postfix) with ESMTP id 6638B1A0460 for <>; Wed, 22 Jan 2014 08:10:43 -0800 (PST)
Received: by with SMTP id ex4so5781134wid.5 for <>; Wed, 22 Jan 2014 08:10:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=MCjMBgLQ0ERpbNAacZF7K9SO/Awy6QTYzT5GkoSnpcc=; b=JX0Upc3bh4vHWuJ4Vx+odzGEktbgqqwQn4+MOE2IHYhY6EhuHuJmVAlm/gnnkl9YAR 2eR5GrQfbuSZQksUImPnLj2sjTQ4RvjIso5QIJM6WByCZ9mTvl4wcpTpYmAZEXU7zSRv PTLsnbujRCwy12TOgs3YIypWrondmD99EW5IEEytW8wgenCXgF75feXfYzIKeAKwEBoX nuPtRVjsznWSgMzpInzZMY30PVElox3rRCD9KvczvJWzMgOMkcGwACrb9nUHojgTJVgW B4zLYOCQuDiKeKR/f5MFjmip+vdWZ3Mlao86W6ULSovMLphIUhAZLOa2uo35WxxzQt2U yUQw==
MIME-Version: 1.0
X-Received: by with SMTP id ia7mr2581397wjb.5.1390407042066; Wed, 22 Jan 2014 08:10:42 -0800 (PST)
Received: by with HTTP; Wed, 22 Jan 2014 08:10:41 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <>
Date: Wed, 22 Jan 2014 08:10:41 -0800
Message-ID: <>
From: Watson Ladd <>
To: Bodo Moeller <>
Content-Type: text/plain; charset=UTF-8
Cc: "" <>, Jon Callas <>
Subject: Re: [Cfrg] New names for draft-ladd-safecurves
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 22 Jan 2014 16:10:45 -0000

On Wed, Jan 22, 2014 at 1:22 AM, Bodo Moeller <> wrote:
>> > ("Curve" isn't very descriptive, but I've yet to see a more descriptive
>> > name
>> > for this curve that is actually helpful.)
>> NIST isn't useful either as a prefix, but we live with it.
> I'm fine with "Curve-255-19" (plus possibly a postfix) given that
> "Curve25519" is a reasonably well-known and reasonably unique name in the
> research literature, but I think that "Curve" is much worse a prefix than
> "NIST".  While the latter also doesn't tell you anything specific about a
> given curve, at least it tells you who assigned that name, whereas "Curve"
> is more of a generic honorific than an actual name (curves without "Curve"
> in their name are curves just as much as the others).

So let's drop curve and replace with E, M, or TE to represent the
shape. For the possible generations
(which would support code size reductions with multiple curves over
the same primes) we could use m1,m2 etc.

My alternative is  g1p255-19m486662. g1p indicates genus 1 over a
prime field, 255-19 designates the prime, m486662 indicates
that is the montgomery curve with constant 486662. The problem with
this naming scheme is that it involves remembering a bunch of

Honestly, if someone could suggest a good naming scheme, I'm all ears.
But names aren't that important: the discussion over encoding formats
is much more important. Using the Safecurves names doesn't appear to
have anything wrong with it, and ends this stupid bikeshedding.
Watson Ladd

"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin