Re: [Cfrg] revised requirements for new curves
Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon, 08 September 2014 14:30 UTC
Return-Path: <mpg@elzevir.fr>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A24F1A8843 for <cfrg@ietfa.amsl.com>; Mon, 8 Sep 2014 07:30:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 2.893
X-Spam-Level: **
X-Spam-Status: No, score=2.893 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, FH_RELAY_NODNS=1.451, HELO_EQ_FR=0.35, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.793] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p4JE7mEgkkUi for <cfrg@ietfa.amsl.com>; Mon, 8 Sep 2014 07:30:26 -0700 (PDT)
Received: from mordell.elzevir.fr (unknown [IPv6:2001:4b98:dc0:41:216:3eff:feeb:c406]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2473D1A8837 for <cfrg@irtf.org>; Mon, 8 Sep 2014 07:30:25 -0700 (PDT)
Received: from thue.elzevir.fr (thue.elzevir.fr [88.165.216.11]) by mordell.elzevir.fr (Postfix) with ESMTPS id C461C16148; Mon, 8 Sep 2014 16:30:22 +0200 (CEST)
Received: from [192.168.0.124] (unknown [192.168.0.254]) by thue.elzevir.fr (Postfix) with ESMTPSA id 25A071F63C; Mon, 8 Sep 2014 16:30:22 +0200 (CEST)
Message-ID: <540DBD7D.6080600@elzevir.fr>
Date: Mon, 08 Sep 2014 16:30:21 +0200
From: Manuel Pégourié-Gonnard <mpg@elzevir.fr>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.0
MIME-Version: 1.0
To: William Whyte <wwhyte@securityinnovation.com>, "Paterson, Kenny" <Kenny.Paterson@rhul.ac.uk>, cfrg@irtf.org
References: <D0333B6F.2C8CF%kenny.paterson@rhul.ac.uk> <767661cb458e2aaadb9967a0dd15d542@mail.gmail.com>
In-Reply-To: <767661cb458e2aaadb9967a0dd15d542@mail.gmail.com>
OpenPGP: id=98EED379; url=https://elzevir.fr/gpg/mpg.asc
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/bNTJnCqgbVDO8Izl2G_69rhkKSQ
Subject: Re: [Cfrg] revised requirements for new curves
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Sep 2014 14:30:28 -0000
On 08/09/2014 15:49, William Whyte wrote: > IN1: I don't understand how a curve could be incompatible with a TLS RFC. A > new curve would be a new ciphersuite: to support a new curve, you reserve a > ciphersuite identifier and define behavior for that ciphersuite identifier. I guess you mean a NamedCurve identifier (RFC 4492 sec. 5.1.1) rather than a ciphersuite identifier. Currently, ciphersuites only specify the high-level mechanism (ECDH(E), ECDSA), not the specific curve(s) used by this mechanism. (There is a draft for including curve selection in the ciphersuite identifier, but for now it's only a draft). And possibly some new ECPointFormat (sec 5.1.2) in addition, if the new curves support other representations than short Weierstrass, and the decision is made to allow those representations on the wire (rather than to force conversion to short Weierstrass). By the way, the TLS curve/point negotiation doesn't allow peers to negotiate the use of different point formats for different curves. That's probably something to bear in mind when discussing point formats. Manuel.
- Re: [Cfrg] revised requirements for new curves Paterson, Kenny
- Re: [Cfrg] revised requirements for new curves William Whyte
- Re: [Cfrg] revised requirements for new curves Manuel Pégourié-Gonnard
- Re: [Cfrg] revised requirements for new curves Phillip Hallam-Baker
- Re: [Cfrg] revised requirements for new curves Stephen Farrell
- Re: [Cfrg] revised requirements for new curves Paterson, Kenny
- Re: [Cfrg] revised requirements for new curves Paterson, Kenny
- Re: [Cfrg] revised requirements for new curves Watson Ladd
- Re: [Cfrg] revised requirements for new curves Paterson, Kenny
- Re: [Cfrg] revised requirements for new curves David Jacobson
- Re: [Cfrg] revised requirements for new curves Manuel Pégourié-Gonnard
- Re: [Cfrg] revised requirements for new curves D. J. Bernstein
- Re: [Cfrg] revised requirements for new curves Michael Hamburg
- Re: [Cfrg] revised requirements for new curves Paterson, Kenny
- Re: [Cfrg] revised requirements for new curves Adam Langley
- Re: [Cfrg] revised requirements for new curves Paterson, Kenny
- Re: [Cfrg] revised requirements for new curves Adam Langley
- Re: [Cfrg] revised requirements for new curves Damien Miller
- Re: [Cfrg] revised requirements for new curves Damien Miller
- Re: [Cfrg] revised requirements for new curves Torsten Schuetze
- Re: [Cfrg] revised requirements for new curves Eric Rescorla
- Re: [Cfrg] revised requirements for new curves Markulf Kohlweiss
- Re: [Cfrg] revised requirements for new curves Phillip Hallam-Baker
- Re: [Cfrg] revised requirements for new curves Alyssa Rowan
- Re: [Cfrg] revised requirements for new curves Michael Hamburg
- Re: [Cfrg] revised requirements for new curves Phillip Hallam-Baker
- Re: [Cfrg] revised requirements for new curves Michael Hamburg
- Re: [Cfrg] revised requirements for new curves Andrey Jivsov
- Re: [Cfrg] revised requirements for new curves Andrey Jivsov