[Cfrg] New edition of safecurves draft
Watson Ladd <watsonbladd@gmail.com> Fri, 28 March 2014 18:12 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D60041A093E for <cfrg@ietfa.amsl.com>; Fri, 28 Mar 2014 11:12:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4MR4LbouQmuc for <cfrg@ietfa.amsl.com>; Fri, 28 Mar 2014 11:12:28 -0700 (PDT)
Received: from mail-yh0-x234.google.com (mail-yh0-x234.google.com [IPv6:2607:f8b0:4002:c01::234]) by ietfa.amsl.com (Postfix) with ESMTP id 7BE241A0332 for <cfrg@irtf.org>; Fri, 28 Mar 2014 11:12:28 -0700 (PDT)
Received: by mail-yh0-f52.google.com with SMTP id c41so5333308yho.39 for <cfrg@irtf.org>; Fri, 28 Mar 2014 11:12:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=zXXRb0y+XxSlwNqOWPPeuXCgzosFZPTcjoOrkiwnLfw=; b=wjEmJriG6VKo3LfjvEn5xmYrVa73XBiD8DawZElixasEWWbW0CX6fZRAlV1iE6jCjc kzqwBgJsoKBwmPNHNMaKH4MzPTMnrAr8+RG4Ls4XSaVahsS3p6EttiTDM4E97yZmuJrs 8uvV8f+iOiN0cFGTo3UTFGzfFdUQ8H27Yw8qt7LAZ6g/TsRPJxTI59faMQzJhOd+Q/bo es22XlgPw/hbfnnWDXVEr9VgTb3SeBqpq+6UvPtHopAuBVh70yBLYivy0LnG355eh6H1 Emsqz4IcFBAZbHaklg5oMNymMDNxKXJAkUu/Ojrl9nUQxHQyYO5YDyRLWwT7evRj9AO+ WkNw==
MIME-Version: 1.0
X-Received: by 10.236.137.8 with SMTP id x8mr13528788yhi.4.1396030346182; Fri, 28 Mar 2014 11:12:26 -0700 (PDT)
Received: by 10.170.80.214 with HTTP; Fri, 28 Mar 2014 11:12:26 -0700 (PDT)
Date: Fri, 28 Mar 2014 14:12:26 -0400
Message-ID: <CACsn0cnNadyYk=b+oeVSfOeTt5wo0Cj05=FKwAXTNc=9DLYZqg@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/dC7HiqeW80FlkACwU2_2wrP90QE
Subject: [Cfrg] New edition of safecurves draft
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Mar 2014 18:12:30 -0000
Dear all, I've decided to use the point formats that DJB's software does. There are good arguments for them, and while alternatives are interesting, I've not seen a clearly better one. Given that Robert Ransom is working on a draft like RFC 6090 (but correct) for these curves, I've shortened the formula section to explain how to deal with cofactors alone, and kick bignum arithmetic and algebraic background down the road. Signatures are a more complex issue: Ed25519 style is probably the way to go, but it requires some choices of hash functions. Sincerely, Watson Ladd
- [Cfrg] New edition of safecurves draft Watson Ladd