[Cfrg] Addition of elliptic curves that are compatible with Russian GOST

"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Wed, 04 February 2015 07:57 UTC

Return-Path: <smyshsv@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 1CDE71A6FBB for <cfrg@ietfa.amsl.com>; Tue, 3 Feb 2015 23:57:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.1
X-Spam-Status: No, score=-0.1 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id Ti8eRpCsCynb for <cfrg@ietfa.amsl.com>; Tue, 3 Feb 2015 23:57:20 -0800 (PST)
Received: from mail-ob0-x235.google.com (mail-ob0-x235.google.com [IPv6:2607:f8b0:4003:c01::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 881E81A6F5D for <cfrg@irtf.org>; Tue, 3 Feb 2015 23:57:20 -0800 (PST)
Received: by mail-ob0-f181.google.com with SMTP id vb8so81055obc.12 for <cfrg@irtf.org>; Tue, 03 Feb 2015 23:57:19 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=cAN6Voy+MeXEffKzmv+QopJkCDhcH2CIwUuAGjdMNGI=; b=OXOEeQeV+vq5K0jcu6DIQ+yUzJTWziQ7v1FvKLLFTf0J7HRZ2HnLhukDwL+/wDoaj2 bJnKB45EJYfQEDJ8EeWZUAoqsPfPdHt2w1LrnNw7DOaJqcaMiIdRghrjvubhIE2eSvMN GtX/hkFZ2et0gp6Zkf42Z/5oD5XN+6+lLUTgWKHACSG/uX+btD8iarJgC2SAjt82X7F+ ND9qvQ2rxLhkx55JoMciQR5USxb55kHvTqVNfGYwnPKt4hn6qd+pvE7zta9t29klShWT WeLtzrgmkYOJF2j8tpLCMcCUhh5KnS5gY0l0wx7axw9AcgFwI5b/7d4+6/FB5q8zCZ/Z 46ZA==
MIME-Version: 1.0
X-Received: by with SMTP id m126mr7301941oia.33.1423036639880; Tue, 03 Feb 2015 23:57:19 -0800 (PST)
Received: by with HTTP; Tue, 3 Feb 2015 23:57:19 -0800 (PST)
Date: Wed, 04 Feb 2015 10:57:19 +0300
Message-ID: <CAMr0u6kOkESwiyB7vv6poWa8wf-8__Zn3d9yLqJYGYK9rMwVAQ@mail.gmail.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>, Watson Ladd <watsonbladd@gmail.com>, Paul Lambert <paul@marvell.com>, Alyssa Rowan <akr@akr.io>, alexey.melnikov@isode.com
Content-Type: multipart/alternative; boundary="001a113d660a6c2bda050e3e8986"
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/SekmSjRjk8_vhhqyFojKgmubyLs>
Subject: [Cfrg] Addition of elliptic curves that are compatible with Russian GOST
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Feb 2015 07:57:23 -0000

Dear colleagues,

We kindly ask you to agree to add two Twisted Edwards curves with p =
2^{512}-d and p = 2^{256}-d to the proposed draft.

If you see it possible, we can generate these two curves ourselves –
completely with accordance to the method described in the current draft
(including deterministic "rigid" "non-random" method of curve search

It can be done very quickly – we have a big interest in it, since only
curves with 2^{254}<q<2^{256} and 2^{508}<q<2^{512} are allowed with our
GOST and we want our Russian PKI standards to be as much connected with
international ones as possible.

P.S.: Description of our GOST can be found in ISO/IEC
14888-3:2006/Amd.1:2010(en) Information technology — Security techniques —
Digital signatures with appendix — Part 3: Discrete logarithm based
mechanisms AMENDMENT 1: Elliptic Curve Russian Digital Signature Algorithm,
Schnorr Digital Signature Algorithm, Elliptic Curve Schnorr Digital
Signature Algorithm, and Elliptic Curve Full Schnorr Digital Signature

Best regards,
Stanislav V. Smyshlyaev, Ph.D.,
Head of Information Security Department,
CryptoPro LLC