Re: [CFRG] Handling the errata for RFC 7748

Mike Hamburg <mike@shiftleft.org> Thu, 10 December 2020 18:50 UTC

From: Mike Hamburg <mike@shiftleft.org>
Message-Id: <C743CF4A-F155-48B8-BF8F-06F953CAC3BB@shiftleft.org>
Date: Thu, 10 Dec 2020 18:50:09 +0000
In-Reply-To: <CAMfhd9XrxaJT2MK_gXBeDOqEno6LV-QSKyiJ_OPMs++4UznHFQ@mail.gmail.com>
Cc: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>, CFRG <cfrg@irtf.org>
To: Adam Langley <agl@imperialviolet.org>
References: <CAMr0u6=K4S1WG9+y5PkkwHMdcHDT11TcjX9icb1yxQ14hQV6eQ@mail.gmail.com> <CAMfhd9XrxaJT2MK_gXBeDOqEno6LV-QSKyiJ_OPMs++4UznHFQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/e8x3OgwyC6JlB4zby0QKaOMlh9Y>
Subject: Re: [CFRG] Handling the errata for RFC 7748


> On Dec 10, 2020, at 5:26 PM, Adam Langley <agl@imperialviolet.org> wrote:
> 
> On Wed, Dec 9, 2020 at 10:50 PM Stanislav V. Smyshlyaev <smyshsv@gmail.com> wrote:
> Dear CFRG,
> 
> There are three reported errata for RFC 7748: 
> https://www.rfc-editor.org/errata/eid5568
> https://www.rfc-editor.org/errata/eid5651
> https://www.rfc-editor.org/errata/eid5028
> 
> The third one (5028) is an editorial one; I am sure that it improves the clarity of the text, therefore I support it without doubt.
> 
> The first one (5568) is a technical one, with a proposal to change one bit of the input u-coordinate in the hexadecimal representation (to make it "consistent" with the base 10 representation). However, the author of 5568 has probably missed that implementations of x25519 should "mask" that bit after taking a u-coordinate as an input; therefore, the existing text of the RFC does not have any errors there. This is exactly the result of the unclear text that is addressed in the above-mentioned third erratum (5028). Therefore, I would propose to reject the erratum.
> 
> The second one (5651) notes that the algorithm description has a mistake in the description (for the calculation of z_2). After implementing the described algorithm myself (with the MAGMA package) I've obtained the expected numbers. I suspect that the RFC text is OK; therefore I would propose to reject the erratum.
> 
> Therefore, I'm planning to approve the third one (5028) and reject the other two errata (5568 and 5651).
> 
> I agree with all of the above. Thanks for checking them.
> 
> 
> AGL

I also agree.  Thanks Stanislav and Benoît.

— Mike
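The two technical points in the thread (the masked high bit of the u-coordinate behind erratum 5568, and the z_2 line of the ladder behind erratum 5651) are easy to check by transcribing the X25519 function from RFC 7748 section 5 literally and running it against the RFC's own vectors. The block below is an added example written for this archive page; it is not code from anyone in the thread, and it is not the MAGMA script Stanislav mentions. It follows the RFC's pseudocode step for step, including `z_2 = E * (AA + a24 * E)` exactly as printed. The second X25519 test vector from RFC 7748 section 5.2 is quoted in the usage block because its hexadecimal u-coordinate ends in the byte 0x93, so bit 255 is set; `decode_u_coordinate` masks that bit as the RFC requires, which is why the hex and base 10 forms are consistent without editing the hex. The names `x25519_bytes`, `clear_top_bit` and `BASE_POINT` are this example's own, not names from the RFC.

```python
# Added example: a literal transcription of X25519 from RFC 7748 section 5.
# Not code from the thread or from any implementation named in it.

P = 2**255 - 19          # field prime for Curve25519
A24 = 121665             # (A - 2) / 4 for the Montgomery curve with A = 486662
BITS = 255               # X25519 scalars and u-coordinates are 255-bit values


def decode_u_coordinate(u: bytes) -> int:
    """RFC 7748 decodeUCoordinate: mask the unused high bit, then read little-endian.

    This masking is the step erratum 5568 overlooked: a final byte of 0x93 and
    one of 0x13 decode to the same field element.
    """
    u_list = list(u)
    if BITS % 8:
        u_list[-1] &= (1 << (BITS % 8)) - 1
    return sum(b << (8 * i) for i, b in enumerate(u_list))


def encode_u_coordinate(u: int) -> bytes:
    """Reduce mod p and write 32 little-endian bytes."""
    u %= P
    return bytes((u >> (8 * i)) & 0xFF for i in range(32))


def decode_scalar_25519(k: bytes) -> int:
    """RFC 7748 scalar clamping: clear the low 3 bits and bit 255, set bit 254."""
    k_list = list(k)
    k_list[0] &= 248
    k_list[31] &= 127
    k_list[31] |= 64
    return sum(b << (8 * i) for i, b in enumerate(k_list))


def cswap(swap: int, a: int, b: int):
    # Mask-based conditional swap as in the RFC. Python integers are not
    # constant-time, so this is a functional transcription, not a side-channel-safe one.
    mask = (0 - swap) & (a ^ b)
    return a ^ mask, b ^ mask


def x25519(k: int, u: int) -> int:
    """The Montgomery ladder exactly as RFC 7748 writes it, each step reduced mod p."""
    x_1 = u
    x_2, z_2 = 1, 0
    x_3, z_3 = u, 1
    swap = 0
    for t in range(BITS - 1, -1, -1):
        k_t = (k >> t) & 1
        swap ^= k_t
        x_2, x_3 = cswap(swap, x_2, x_3)
        z_2, z_3 = cswap(swap, z_2, z_3)
        swap = k_t

        A = (x_2 + z_2) % P
        AA = (A * A) % P
        B = (x_2 - z_2) % P
        BB = (B * B) % P
        E = (AA - BB) % P
        C = (x_3 + z_3) % P
        D = (x_3 - z_3) % P
        DA = (D * A) % P
        CB = (C * B) % P
        x_3 = ((DA + CB) ** 2) % P
        z_3 = (x_1 * ((DA - CB) ** 2)) % P
        x_2 = (AA * BB) % P
        z_2 = (E * (AA + A24 * E)) % P   # the line questioned by erratum 5651
    x_2, x_3 = cswap(swap, x_2, x_3)
    z_2, z_3 = cswap(swap, z_2, z_3)
    return (x_2 * pow(z_2, P - 2, P)) % P   # x_2 / z_2 via Fermat inversion


def x25519_bytes(k: bytes, u: bytes) -> bytes:
    """Byte-level X25519 as used for Diffie-Hellman: 32-byte scalar, 32-byte u-coordinate."""
    return encode_u_coordinate(x25519(decode_scalar_25519(k), decode_u_coordinate(u)))


def clear_top_bit(u: bytes) -> bytes:
    """The same u-coordinate with bit 255 cleared, i.e. the form erratum 5568 asked for."""
    return u[:31] + bytes([u[31] & 0x7F])


BASE_POINT = bytes([9]) + bytes(31)   # u = 9, the X25519 generator


if __name__ == "__main__":
    # Second X25519 test vector from RFC 7748 section 5.2 (quoted from the RFC, not from the thread).
    k = bytes.fromhex("4b66e9d4d1b4673c5ad22691957d6af5c11b6421e0ea01d42ca4169e7918ba0d")
    u = bytes.fromhex("e5210f12786811d3f4b7959d0538ae2c31dbe7106fc03c3efc4cd549c715a493")
    print("bit 255 set in the hex u-coordinate:", bool(u[31] & 0x80))
    print("decodes identically once masked:", decode_u_coordinate(u) == decode_u_coordinate(clear_top_bit(u)))
    print("same output either way:", x25519_bytes(k, u) == x25519_bytes(k, clear_top_bit(u)))
    print("output u-coordinate:", x25519_bytes(k, u).hex())
```

Running it reproduces the RFC's output for that vector whether or not bit 255 of the input is set, which is the whole of Stanislav's argument on 5568; reproducing the first vector with the ladder as printed is likewise the check that settles 5651. The `cswap` here is only a functional stand-in: a deployable implementation needs the constant-time swap and field arithmetic the RFC calls for.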