Re: [Cfrg] big-endian short-Weierstrass please

Yoav Nir <ynir.ietf@gmail.com> Thu, 29 January 2015 19:05 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDA201A6F15 for <cfrg@ietfa.amsl.com>; Thu, 29 Jan 2015 11:05:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XidYwGK8rje7 for <cfrg@ietfa.amsl.com>; Thu, 29 Jan 2015 11:05:51 -0800 (PST)
Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 124F51A6EED for <cfrg@irtf.org>; Thu, 29 Jan 2015 11:05:51 -0800 (PST)
Received: by mail-wi0-f170.google.com with SMTP id bs8so14107199wib.1 for <cfrg@irtf.org>; Thu, 29 Jan 2015 11:05:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=sR9jb6hY+t3/6q/R2aOGOzKwJCZE3JspiN9WFDs0u6Y=; b=FYFJSHA4qdjTBgTs8yw2SAAHfuul907MpOhHysieXcdVT36wan3jTuF+Y4X9KnOoqc s3hHDAgSc1rXDjjlj6+91cWwEXyO8hwJ83VuQIuDzfc6G2afJ8DQQvbA6p6+yZ4wyoR+ N5S0Lm/D0rE1G7XwEisEcGF3UN5KFE9+7GEMmsIWlZdo1WNCNXJWtxizdTFSWsCfjc6y 2tpppRGj07/1eisPhAl+0p7bkUuSGfuRR85WOULlIo4i+xpQA1EAh2tHD1v0Fo+5LBlF xwE/s2ph3/37WHReP3sPRivrjzeI2hUH43UHIXFoTQxkYPb3lOCimWU/NEl3+Wt61ZYu sD4A==
X-Received: by 10.180.211.169 with SMTP id nd9mr3040281wic.4.1422558349806; Thu, 29 Jan 2015 11:05:49 -0800 (PST)
Received: from [192.168.1.15] ([46.120.13.132]) by mx.google.com with ESMTPSA id cf12sm11616983wjb.10.2015.01.29.11.05.48 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 29 Jan 2015 11:05:49 -0800 (PST)
Content-Type: multipart/alternative; boundary="Apple-Mail=_3B2DEE86-BE89-4E08-B844-BD97AA89C68B"
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <CACsn0ckb4xW7gTP4m9BHkQe-Y00Y306wOcuEoSQ25XLeXX14UQ@mail.gmail.com>
Date: Thu, 29 Jan 2015 21:05:47 +0200
Message-Id: <969AA073-9E64-4695-8372-B4C342E703B5@gmail.com>
References: <810C31990B57ED40B2062BA10D43FBF5D42BDA@XMB116CNC.rim.net> <87386ug2r7.fsf@alice.fifthhorseman.net> <810C31990B57ED40B2062BA10D43FBF5D4413B@XMB116CNC.rim.net> <87r3ueedx7.fsf@alice.fifthhorseman.net> <20150128231006.GJ3110@localhost> <D0EED79E.204B1%uri@ll.mit.edu> <878ugleei5.fsf@alice.fifthhorseman.net> <CAMm+LwhD8ZmuO7_OsGYX_VARYT=gDJSkZVavxXkTOvfFLJ-Usg@mail.gmail.com> <CACsn0ckb4xW7gTP4m9BHkQe-Y00Y306wOcuEoSQ25XLeXX14UQ@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
X-Mailer: Apple Mail (2.2070.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/gifwRLuXoMIC1VYbVbkE0hslN-w>
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] big-endian short-Weierstrass please
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jan 2015 19:05:53 -0000

> We are not having trouble with that  in this group. Nobody disputes that any of the proposed curves are secure, or the details of generation.
> 
> Instead, we're arguing about endiannes. I've tried to gather which primes everyone wants in one list, crickets.  Tony Arceli posts about signatures, 5 messages. Big v. Little, 40.
> 
That's Parkinson’t law of triviality at work. Few understand why one prime is better than another. A few more understand about implementing signature algorithms, but we all understand endianness.

Although that would make the signature algorithms the bike shed, and the endianness coffee.

Regarding primes I think there were a bunch of people saying “yeah, let’s pick goldilocks" a while ago.  Hopefully we know enough about signatures to not make the bike shed of asbestos (in the book the argument is about the material for the bike shed, not the color)

Yoav