Re: [Cfrg] On the use of Montgomery form curves for key agreement

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 02 September 2014 21:47 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 658BD1A88BC for <cfrg@ietfa.amsl.com>; Tue, 2 Sep 2014 14:47:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level:
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tGoVVQH3EvGd for <cfrg@ietfa.amsl.com>; Tue, 2 Sep 2014 14:47:24 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id 9677F1A0719 for <cfrg@irtf.org>; Tue, 2 Sep 2014 14:47:24 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 511D9BF02; Tue, 2 Sep 2014 22:47:23 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RNGExq9YkNg8; Tue, 2 Sep 2014 22:47:22 +0100 (IST)
Received: from [10.87.48.3] (unknown [86.42.236.200]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 4C3BEBEFF; Tue, 2 Sep 2014 22:47:22 +0100 (IST)
Message-ID: <54063AEA.7060903@cs.tcd.ie>
Date: Tue, 02 Sep 2014 22:47:22 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: Andrey Jivsov <crypto@brainhub.org>, cfrg@irtf.org
References: <e16ac4926a934565a65456058e50b68e@BL2PR03MB242.namprd03.prod.outlook.com> <CALCETrUby2o5O3=tMkv20JTVkahSo5Wan4oSCPOspRnXhFCg+g@mail.gmail.com> <b53e2c5417d247199f4496e0c0d5c29c@BL2PR03MB242.namprd03.prod.outlook.com> <CACsn0cktxTyPpeaqKU-oL+DiP4Fu0risHB1Wx8-by+94s30h=g@mail.gmail.com> <CA+Vbu7yMvyPzRAGrtVH38mzaYy3XQ1wswEUQisqbwpT10JfQVg@mail.gmail.com> <54058021.9040801@cs.tcd.ie> <CACsn0c=XV4bQSa7Oh3=s+JvFpJdT3Lm16wQHRG2ACEjxuU-dvg@mail.gmail.com> <5405E343.7010302@cs.tcd.ie> <5406387E.4060507@brainhub.org>
In-Reply-To: <5406387E.4060507@brainhub.org>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/dgP5HRveJRCRto3OqYmVIizDvTM
Subject: Re: [Cfrg] On the use of Montgomery form curves for key agreement
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Sep 2014 21:47:26 -0000

Hiya,

On 02/09/14 22:37, Andrey Jivsov wrote:
> 10% penalty in dual-key uses

I'm not clear what you mean by this, in terms of what protocol
it would affect.

Can you give me an example of such an IETF protocol? Without
having thought much about it, I think there are always different
codepoints allocated for DH and signatures, and I doubt we'd
want the same private values shared anyway, so I'm not sure
if that's a real or a theoretical issue.

Thanks,
S.