Re: [Cfrg] malicious DH base points [was Re: should the CFRG really strive for consensus?]

Stephen Farrell <> Thu, 01 January 2015 20:23 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 305E61A1A16 for <>; Thu, 1 Jan 2015 12:23:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id dyEpmJuX74Mx for <>; Thu, 1 Jan 2015 12:23:00 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1B3201A00DF for <>; Thu, 1 Jan 2015 12:23:00 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 46FC4BEFA; Thu, 1 Jan 2015 20:22:58 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id rBlETaKmxIqP; Thu, 1 Jan 2015 20:22:56 +0000 (GMT)
Received: from [] (unknown []) by (Postfix) with ESMTPSA id B3E5BBEF8; Thu, 1 Jan 2015 20:22:56 +0000 (GMT)
Message-ID: <>
Date: Thu, 01 Jan 2015 20:22:56 +0000
From: Stephen Farrell <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0
MIME-Version: 1.0
To: Christoph Anton Mitterer <>, "" <>
References: <> <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Subject: Re: [Cfrg] malicious DH base points [was Re: should the CFRG really strive for consensus?]
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 01 Jan 2015 20:23:03 -0000

On 01/01/15 17:14, Christoph Anton Mitterer wrote:
> On Thu, 2015-01-01 at 13:39 +0100, Adam Back wrote: 
>> Seems like on
>> topic and to the point, not spam.
> plus: it seems kinda dangerous to me, if certain topics are more or
> less... well not forbidden, but at least "moderated to silence".
> CFRG should be really open, even if this includes more wood and less
> trees,... trust is very important and if people feel that some
> topics/questions/concerns might have been suppressed, CFRG will have the
> same problems as NIST.

Maybe a little more explanation is warranted then. Dan's mail
accused someone of bad faith by saying that that person did
thing x "in the guise" of doing thing y. That is always
inappropriate no matter what provocation and no matter who
says it. By itself that is sufficient to call out the message
as inappropriate for any IETF or IRTF list. And that is why
I agree with the chairs on this.

For me, it's just about appropriate list behaviour that is
more likely to result in the RG making sound technical choices
in a useful time-frame and is nothing to do with silencing
anyone. Inappropriate list behaviour simply makes it much
harder to get done.

As I said before Dan is by no means the only one who's
strayed beyond what's acceptable on this topic by my
reading. But I hope the group put this behind us all and
move on to at least finish up the work on the 128 bit
work factor key agreement topic in the very near future.

>From my pov I think that work is 99% done and should be easy
to finish up, based on the assumption that there's no
remaining security difference, nor significant performance
difference and there is a reasonable amount of running
code for one set of options. It's that kind of discussion
and not who makes what point for what reason that is

And once that is out of the way then moving on to signatures
and other work factors should be much easier.

So add my voice to those saying: let's just get that part
done now please and where there's no other basis on which
to distinguish, the running code should be fine to go


> Cheers,
> Chris.
> _______________________________________________
> Cfrg mailing list