Re: [Cfrg] Meeting notes

"Derek Atkins" <derek@ihtfp.com> Fri, 27 March 2015 20:55 UTC

Message-ID: <49380f24bf3d6268074800b37a566a71.squirrel@mail2.ihtfp.org>
In-Reply-To: <94D99ECB-98CA-4D25-897D-BA4BA8178409@gmail.com>
References: <CAHOTMVKUyNsA7ux4epk8LwR0w0Eh7dh0G3xTXB3O9m8jQPS3EQ@mail.gmail.com> <0C65868C-1725-4B32-A562-62C9DF36A956@gmail.com> <c65696d44c65b12478532bcb01fb2ef3.squirrel@mail2.ihtfp.org> <94D99ECB-98CA-4D25-897D-BA4BA8178409@gmail.com>
Date: Fri, 27 Mar 2015 16:55:54 -0400
From: Derek Atkins <derek@ihtfp.com>
To: Yoav Nir <ynir.ietf@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/bloo3YWPfJfmxBqtrHNLL4kjtkQ>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Meeting notes

Hi,

On Fri, March 27, 2015 10:44 am, Yoav Nir wrote:
>
>> On Mar 27, 2015, at 8:29 AM, Derek Atkins <derek@ihtfp.com> wrote:
>>
>> AE has a set of public parameters that you use to generate keypairs that
>> can communicate (the equivalent of an ECC Curve or DH Prime).  The issue
>> is that you need random data to generate those public parameters, and
>> that random data needs to be kept secret.  Once the parameters are
>> generated you don't need access to the random data ever again, but the
>> issue, as I understand it, is "how do you know that that random data
>> wasn't compromised during the parameter generation process?"
>>
>> Hopefully this better explains the issue?
>
> Not quite. For ECC and DH these parameters were generated once, and then
> those public parameters were published in an RFC or NIST document. So 10
> years after their generation, we still use those public parameters and we
> don’t ever need access to any random data that was used to generate them.
> They’re hard-coded in every implementation.
>
> Is that the same for AE?

Yes.

> Because if it is, you could just generate those parameters, stick them in
> the draft and be done with it (up to some NUMS claims that can be solved
> with a key generation ceremony that need happen only once).

Exactly.

> Thanks.
>
> Yoav

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant