[CFRG] Re: I-D Action: draft-irtf-cfrg-det-sigs-with-noise-03.txt

Niu Danny <dannyniu@hotmail.com> Fri, 22 March 2024 01:20 UTC

From: Niu Danny <dannyniu@hotmail.com>
To: Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>
CC: "cfrg@ietf.org" <cfrg@ietf.org>
Date: Fri, 22 Mar 2024 01:20:08 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/VxcUSEQ_YOHxt_TixRgX6Fgj86w>

I don't think the name change is needed.

Think about it this way: if you change the name of the signing algorithm, then what's the verifying algorithm supposed to be called?

We can call the schemes deterministic-EdDSA and hedged-EdDSA - these qualifiers are descriptive enough already. Also for the use case, we can borrow the experience with the NIST draft for Dilithium and SPHINCS+, just set Z to all-zero when using the deterministic variant.

________________________________________
From: CFRG <cfrg-bounces@irtf.org> on behalf of Simon Josefsson <simon=40josefsson.org@dmarc.ietf.org>
Sent: 22 March 2024 00:54
To: John Mattsson
Cc: cfrg@ietf.org
Subject: Re: [CFRG] I-D Action: draft-irtf-cfrg-det-sigs-with-noise-03.txt

John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org> writes:

> Hi,
> We have just uploaded version -03 of Hedged ECDSA and EdDSA Signatures.

This still uses the approach to modify RFC 8032 instead of introducing
new primitives with new separate names.  I believe this will cause
confusion: will an implementation of 'Ed25519' behave per RFC 8032 or
your document?  It seems clear that the suggested changes here are not
applicable to all use-cases, and the changes may be undesirable to many
use-cases.

How about modifying your document to introduce new primitives HEd25519,
HEd25519ph, HEd25519ctx in parallel to existing primitives Ed25519,
Ed25519ph, Ed25519ctx?  Same for 448.

I suggested using names REd* for this earlier, so essentially this is
the same request but use the new term 'Hedged' instead of 'Randomized'.
I feel the term 'Hedged' is not the best term, as it conveys the notion
of a value judgement, but using any distinct name is better than
re-using the same name to mean two different things.

Btw, maybe this could go into an RFC 8032bis instead, fixing other
errata on the way.

/Simon