IETF Logo Mail Archive

[CFRG] Re: Pairing-Friendly Curves: Open Questions Before Draft Update

"Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de> Tue, 16 December 2025 10:18 UTC

Return-Path: <thomas.bellebaum@aisec.fraunhofer.de>
X-Original-To: cfrg@mail2.ietf.org
Delivered-To: cfrg@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 8B9569B2DE9D for <cfrg@mail2.ietf.org>; Tue, 16 Dec 2025 02:18:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -4.301
X-Spam-Level:
X-Spam-Status: No, score=-4.301 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=aisec.fraunhofer.de header.b="vY1sDdCk"; dkim=pass (1024-bit key) header.d=fraunhofer.onmicrosoft.com header.b="J1tnFEM9"
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WdjHUU3-J7CF for <cfrg@mail2.ietf.org>; Tue, 16 Dec 2025 02:18:21 -0800 (PST)
Received: from mail-edgeka24.fraunhofer.de (mail-edgeka24.fraunhofer.de [IPv6:2a03:db80:4420:b000::25:24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id B4E759B2DE45 for <cfrg@irtf.org>; Tue, 16 Dec 2025 02:18:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=aisec.fraunhofer.de; i=@aisec.fraunhofer.de; q=dns/txt; s=emailbd1; t=1765880300; x=1797416300; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=1QTAVFXo8Zbmp1rXJSbRIxRvOd/+V2FJEx/hS//LEJA=; b=vY1sDdCk8wXgIW9+qabExiF6kaxWq0PuUDzjO6uQb6pL25LprZc0Nn0J NqM3/iQSP0sWops3Fkp3KlLJDcuPpz04v4wfqDtR8Vst6PfYsx/PMkfva kFcvb90RIDJ+Mpkm+QaSgd3ixLtF9Noc5w8B2wBNUCzqItjP7i52uyn+L c/WnCsB8z8IJXISxzVfyV8+sK8XWbWSYeugJGi4yMkEfoi06iM6WGDLl7 VjluUz2DUNHkR3zB6sZBXiEPP6C8ggkXcmlAxPx6mNFq6QF3Sfx/479pd nBgqpWSSVt8LPs6C+7BHZcS0We92i4mcxw6elOVQdgA9upQirsgbWlcRb A==;
X-CSE-ConnectionGUID: g8FIiO9lQt6DxjhUDi1IHw==
X-CSE-MsgGUID: HCsmY/KfRRiMRKEI64LyCA==
Authentication-Results: mail-edgeka24.fraunhofer.de; dkim=pass (signature verified) header.i=@fraunhofer.onmicrosoft.com
X-ThreatScanner-Verdict: Negative
X-IPAS-Result: A2ESBQDBMEFp/x0BYJlRCYEJhBBAAYIvhFWRdAOBE5tcglADUwQPAQEBAQEBAQEBBwEBUQQBAQMEhQACFoxUJzgTAQEBAQMBAQEBAQIFAQEBAQEBAQEBAQELAQEGAQIBAQEECAECgR2GCUYNgluBLIEmAQEBAQEBAQEBAQEBHQI1VgEEASMRDAEBNwEECwIBCBoCJgICAi8VEAIEAQ2FLAQSAw8nsw6BMoEBggwBAQbbLBiCRwkJAYETLoN8hFcBgW6Dd4UBggxDgRU1gj04PoNwJywVg0aCaYESgRR6FJAWBoMXhkQJSXgcA1ksAVUTFwsHBWFCEDMDIAo0LQIUDSIPGgUtHXAMJxIPHRcTYD0XQINJGAZoDwaBERlJAgICBQJAOoFmBhwGHBICAwECAjpVC4F2AgICAoIYfoIKD4c+gQEFLnolMgMLbT03Bg4bQ5UTToIrCBJUgWROXhOXCK9WAwQDgjWBZ6FxM4QEk1ySJGeZBiKCNqBkhVkCBAIEBQIQCIF/gX9xgzZSGQ+SIclseDwCBwEKAQEDCYZIiyQtBYFLAQE
IronPort-PHdr: A9a23:l4S7sRDLnYDzvAleP4DfUyQU80cY04WdBeb1wqQuh78GSKm/5ZOqZ BWZua4xygeRFt6Kt6oMy7KP9fy7AipYutfJmUtBWaIPfidNsd8RkQ0kDZzNImzAB9muQgoEW e9vbxtbxUy9KlVfA83kZlff8TWY5D8WHQjjZ0IufrymUoHdgN6q2O+s5pbdfxtHhCanYbN1M R66sRjdutMZjIZsJas90AfFrmdHd+lYwW5lKk6flAv46sus4ZJv6Stdtvwv+sJaTan3caE0R qFEATo7NGw4+MLkuR7fQAWV+3ASSH8Wkh1GAwjE6BH1QJL8uTbku+R+xSeXI9T4Qag7Vzq64 KhnUQHlhigaOTIh/27ZlsJ/jKRAoBK8vBN/2JLbYJuUNPVlYKzQe84RSHdbUcZQUyxBBZ68b 5cKAuEcM+tUs5Xxql0Tpha4GAKiBv7gyiVQi3H2w6M3zfkvER3I0gIjEdIBsmjbotr6O6oJT eC617PFwSnfY/9K2zrw7pXDfBA7ofGLWLJ9acTdxFQxGAPBilWft5fqMCmI1uQItmeX9/drW /yvi24grgF+uCOvyskxgYTOmoIVylfE9SBjz4YuP9G3U1B0YdqgEJROrC6VLZZ2QsY5Tm5yu SY60aMJtoKhcCgE0pQo3QPfa/qHc4iP7BLsSvyRLS1li317Yb+ygQu5/ke8xOPmTMa0zEpKo TRfktnKrn0D1x/e58mGR/Zj4EqsxTiC2h7P5+xGL004iarVJp8lz7A/lZcerUrNEyzrlUnok aKYdksp9+mn5un5YLjrqZ+SOolpgQ/9KqQjgtGzDOQ2PwQUW2WW+P6w2KD58UHnRLhGluM6n 6jFvJ3UIMkXu7K1DBVU34sm9hmzEjSr3dEdkHkJLV9IeRSKhJXzNV7UOvD3F/K/jkypkDds2 v/JIKXsAo7ILnjfiLfheqt961JExAoz099f45VUB6kEIP3pW0/xsMXUDholMwOuxujqFMtx2 4cEVWKBGK+WKr7SsVmI5uIoLemDepUVtCzgJPc7//LujHk5lkEBfaSxwJcaaH61Eu5iLkiYe 3bgn80NHXkOswYmSezlklyCUTpdZ3aoWKI84yk2CJ6mDYfEQ4CimqeB0D2gEZJIYmBGDk6DH mzyeIWZXvcBczidIs56kjMaSbetUYEh1Qu0uw/nzbpnLu3U+iMGupL5ztR6+vPcmQko9TNoF 8Sdz32NT2Zsk2wVXTA2wqF/rlFlx1qMzaR3mfhYFd9J6PNNUwc6M4DTw/VhC9D1XgLBY8uJS FehQtWgGjE9VM4+w9gLY0tmBtqiiwrM3zC2DLMPlryEGoA08qzG03j2PcZ9xG7K1LM9gFk+X stPKWqmi7Zj+AjdHY7JnF6Ul6ewdaQA0i7B7mCDzXCBvE1ASg5/Tb3FXWwDZkvRtdn54ELCQ KOuCbQgNgtO09WCJrFRat30iVVGQPbjOMrEbGK3gGqwChOIyamNbIruYWkSwCLdCE0cnwAV5 nmJLRI+CTu5o2LCEDxuEkribk30/elktny7UEw6wRuSYk1kzbW1+xoVieWZS/MPxL0Euz0up ytwEVqn0dLWEcCPpxdnfKVcZtM97klI1XjDuwNgIJOsN71thl0fcwRyp07gzQl6BJhdn8Qys XwqyRB9KbiE315Zbz2WxIj+NLLPJmnp5BCvZbbb1EnH3tiO9alcoMg//h/vtR+oGh9+q3xj0 NBR0n2Ro47NCBcOUJX3SQA88B1Sq7TTeCJ75o7I2ztrK6b++mvO0swoCL55kh+kfN5bMaWJU RT1F9AGBs+oM6ohnF2BYhcNJusU9aMoMYWhbfTQnObhOudrnDWihH8B+5151kOS/ixURevB3 pJDyPadlEPTUTb3jFClu9uxgp1AYTAMF2yXxi3tBYoXbap3K9UlE2Crdoedy9F6ipTkRnscv GKjAFYPw4XhLQaSaFn0xkta2EATrHauhC6Qxj1vnjpvoLCWwSrOxOrvblwLNzgYFyFZkV7wL N3s3JghV0+yYl1x/PPYzVivnvsTrfFlNGCWWkdBJXWofClpB7G9srOSbsII8p4suDVaXLfZA xiWH7DnqgYc0yTtEnEYwzY+djqwvY7+kQA8g2WYfz5o+WHUfcx72RDFvpnSX/dM2DoBSiRiz D7RA1m3Jd6y+tuI0pzEt7PbNSqhA7NJdiy54YqcuXmA+GdoDBajzdW+gcbuHgV/8AOp/N5sS SjOsFPAc5HmhYGbFM8iQERyH1777ZhKX6RF16Ygj5EZ33cXw66Y+3YKi07fGtVW0qGtCRhFT z5emufpyTbL6EozHHiM39vjZlemyPFAd+OkRW9RmRxnweJnGOCU1/sDuQZXiw/ryGCZa61fx ysb59YLuWMEh7FT/wQdkhStLb0JQGwEAy6wxyyYwYzvka8OTkz+UIrs0EAkpfuLK46LgVsDe H/dV68YOj5C1vk4YHnizV31waXDd5qITvFNhCevvR35jc9eLbcBl/Mm3wVuMkj5nUYD1K0iv RNs+L2DgLWeKFVR2oGXM052OBH+Y9063A+wjqJxg+G75LyTBZR+FQ8HBoPlY+20Th4jiey3a D7XM34Tt0rOSvLPWA6F70F+qGjTVoqmLGyTOCwBxM55F3F1RWRaiQEQGTg2kZM6H1r2gsL7e Vp/5jcf60S+phYfgu5rNhyqSm7Ev0/ocTY7TpGDMQBbph9P/UbbMMGSr6pzEihU84fnrVmlJ HaSegJICm8EQAqDAVXiNaOp/t7O766TAe/WEg==
X-Talos-CUID: 9a23:qIcKXW80qy2JMqm844aVv0FENOEkVSzZ9WuOD1+6CVtFSeS0aUDFrQ==
X-Talos-MUID: 9a23:o7nv0QvDC0wiy23gSc2npBp5MfYvwKqUMkEoq7YrmpfYET1bEmLI
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.21,152,1763420400"; d="scan'208";a="36516547"
Received: from mail-mtaka29.fraunhofer.de ([153.96.1.29]) by mail-edgeka24.fraunhofer.de with ESMTP/TLS/TLS_AES_256_GCM_SHA384; 16 Dec 2025 11:18:13 +0100
X-CSE-ConnectionGUID: Uv/ue5bSQJaf5RRG4GLEvg==
X-CSE-MsgGUID: zI9tTgjmTpKHcPtxqMLHdw==
IronPort-SDR: 694131e4_xR5aHptnnFMYB9rwhTkkMk+VaeE14gptKS2aPKf5mQgd6+D Ykka/PCkXe9QL12VxkWItnyNWtygfiyGmY4912A==
X-IPAS-Result: A0DuBAChRJ5o/3+zYZlRCR0BAQEBCQESAQUFAUAlgS6BblJAAYEbgQmEVINMA4UsiHYDgRObXIJQA1MEDwEDAQEBAQEHAQFRBAEBhQcCFowOJzgTAQIBAQIBAQEBAwIDAQEBAQEBAQEBAQELAQEFAQEBAgEBBgWBDhOGTw2GWwEBAQIBEhERDAEBNwEECwIBCBoCJgICAi8VEAIEAQ0nhQQEEgMOJAICAqUEAYFAAoslgTKBAYIMAQEGBATbIRiCRwkJAYERLoN9hFQBgW2DdoUAggxDgRU1gj04PoNwJyyDW4JpgRKBFIECFINjhFaKIoEbhkUJSXgcA1ksAVUTFwsHBV5CEDMDIAo0FRwCFA0iDxoFLR1zDCgSa4QbhCgrT4IidYEBDwFmQRk/g1MeBmsPBoEVGR4tAgICBQJDPoFdFwYeBiASAgICAgKBA0ADC209NwYOG0OULIMjCBJUgWROXhOXCK9WAwQDgjWBZ6FxM4QEk1ySJGeZBiKCNqBkhVoCBAIEBQIQAQEGgX8lgVlxgzZPAxkPjiGEALMfRTM8AgcBCgEBAwmGSIskLYFOAQE
IronPort-PHdr: A9a23:aAA3NxWsEDuUtIe4M90thZjCZuPV8KyzVDF92vMcY89mbPH6rNzra VbE7LB2jFaTANuIo/kRkefSurDtVSsa7JKIoH0OI/kuHxNQh98fggogB8CIEwv8KvvrZDY9B 8NMSBlu+HToeVMAA8v6albOpWfoqDAIEwj5NQ17K/6wHYjXjs+t0Pu19YGWaAJN11/fKbMnA g+xqFf9v9Ub07B/IKQ8wQebh3ZTYO1ZyCZJCQC4mBDg68GsuaJy6ykCntME2ot+XL/hfqM+H 4wdKQ9jHnA+5MTtuhSGdgaJ6nYGe0k9khdDAFugjlnwXsKoixfTiMRN33moN8juFKoEew+o1 YZ7cgHPhGBECWQX0kzHzcxLy+V/jTCI8k8aocbeNaPMKPxQU4aMYM0eFTAGUPYNZhxuD5jhS tcxDbZRBfZ289jArQIkh0qfN1WoDrnX4RVvuXbVh/Ia2sAMKTvhzT4YI5Vem1rJjNPeEIAdE riW7/f69w7tZcpU/jz4zbjJezx7jviHd7ZQSuzOilAfGAHgomyslJXmDw+z9co840aVw+FkS 8uJtTMkry5shRWU+vs3i5bGvI5P0l3q6jkn7LcJPY3ncBdYIvG5Lc4D/zHfNpFxRNslWX0to ish17ka7IayZzNZoHxG7xvWavjCdpSBwTu5BaCfOz5lgnJidr+lwRq/ogCsyez5A9G9y00C7 jFEnd/Fqm0X2lTN59KGRPpw8gbp2TuG2w3JrOARCU4unLfdK5kvz6R2kZwWsE/ZGTTxllmwh 6iTHng=
IronPort-Data: A9a23:T9ejlK1AchZIxxCn7PbD5Sp0kn2cJEfYwER7XKvMYLTBsI5bp2MPm 2NJXmjSbKuIZDehctlwYNm09UkOsZ6DmoM2Slc43Hw8FHgiRegpqji6wuccGwvIc6UvmWo+t 512huHodZ5yFjmF4E/0Y9ANlFEkvYmQXL3wFeXYDS54QA5gWU8JhAlq8wIDqtcAbeORXUXU5 rsen+WFYAX4g24tbjpNg06+gEoHUMra6GtwUmMWOKgjUG/2zxE9EJ8ZLKetGHr0KqE8NvK6X evK0Iai9Wrf+Ro3Yvv9+losWhRXKlJ6FVHmZkt+A8BOsDAbzsAB+vpT2M4nVKtio27hc+ada jl6ncfYpQ8BZsUgkQmGOvVSO3kW0aZuoNcrLZUj2CCe5xWuTpfi/xlhJHwoepAVp+xMOENH+ 6EiEh9RQTSume3jldpXSsE07igiBNLuIJtZt2FrzXfXF/87R5DETajQo9NVtNsyrpkTRrCPO IxANmspNU6fC/FMEg9/5JYWgOevg3DkNTdVrFaYr6Mq5kDazRd82/7jKtPIfNyNS8hP2EqVz o7D1zimXklHZI3AodaD2mCN1/PzkiH+ZJoxNLaA6u5zpXmzynNGXXX6UnP++5FVkHWWV9tBK kBBpnInqas78E2tQ5zmWBmlvH+DuAVaUN1VO+E/4RuGjKvZ/wjfAXILJhZHadcms8s/Xnoxy 1uNns3gAxRgtbSUTTSW8bL8hTi8Iyc9LHUea2kDVwRt3jX4iIwjiVfPX9x5EaLwhNyzED3rh T6QpTU4h7IdgNRN26jTEU37vg9Ab6PhF2YdzgvNV3+j7gR3aZTjYIqt6FPB6u1HIprfRV6E1 EXoUeDFhAzXJcjVy3zfc/ZHB7yz+feOPRvVhFMlTdFr9C2g9zTnNcpc6S13bhUheMsVWy7bU GmKsyNo5bhXICSLa41zaNmPEMgE9/XrOunkcfH2VeBwRKZNWjWJxhwzWn7I7VvRyBAttYodJ aakdd2dCCdGKKZ/kxuzaeQv8Z4q4SEcnWr8FIzK/zG64L+gf3S6d7Y0AGWSV88X9Kjengfx9 uROBvu01hxwAejMUgjKw6EuLHQhD3syNbbpoeN5K8+BJQtHHjk6KvnzmLkORa1sr553pMzpo E6vaxR980Xuo0HHJSGhSGFRWJm2UblR9XsEbDERZ3C20H0dUKOTxaY4dapvW4I49eZmnMVGf 9Ncd+quWv1wGyn6oRIDZpzAratnRhShpSSKGwGHODEfXZpRdzbly+/eXDnE1XcxV3KslM4Ev bef+BvRQsMDSyRcHc/mUq+T4G3rj0cNutBZfhXuGcZSSnXO4YIxCi3Wj90LGe8uByjH5AOn0 1exPU9Fi8jL+5Q44fvYt5Ci9o2JKdZzLmBePmvc7Iu1CxXkw3qe8ddAftqlLTH5f0HoyZqmf tRQnq3dMuVYvVNksLhcMrdMzIAs7evVuJtf8FhVRnrWXVKJCr9ff36Mh/tLvawQxY1imBCXX 3iX8YJwIoS5O8LCEX8QKjE6b++F6+ompznK4dkxI2T4/CVR/rGXdWlzZj6i0Dd8KplxO6Mbm dYRgtYcsVGDu0B7I+S4gTBx3EXSCH45CoEMlIwQWa3vgSoVkmByW4TWUHLK0cveeud3ExcYJ xGPj/D/nJVa/E3JdkQzGVXr3eZwgZcvughA/GQdJmamy8b0ufsq4CJ/qTgHbBxZ7hFi4dJBP mJGM05UJ6LX2xxKgMNFfX6nGiAfJRm/13Hy9WA0lzzifxH1blDOEWwzAvbS3UY792kHQCNX0 ovFw0nYUBHrXvrL4A0MZWBfpcfOd+dBrj/5pJj/HuCuPYULXj7+s6r/OUsKs0TGBO0ytm3mp M5r3r55RvznBB41vpw+NZKQ+ooReSC6OFVtb+lqpp0LOWTuaQCC5yWHBBG0SPNsOs7lzE6cI O5tL/JpSB6R+nuvrDcaPKsyOLVbov8Y1OQeXpjBGGcp4qeunh9ovqnP9yP4unQZftV2nes5K aLTbzikEGeAoVd1wkjj9NJlPEi8avk6PDzM5vi/qrg1JshSodNSflEX+ZrqmXesaS9M3Q+e5 SHHbI/ol91S85xmxdbQI/8SFjePCI3BUcqT+1qOqPVIV9TENPnOuy4zqlXKOwd3P6Mba+9ol Iai4cLG40fYgIkYC2zpuYGNN61s1/WAWOB6NsHWLn4DuQCgXMTqwQUI+kHmCJhvve5e2PKaR FqDWJPtTeIWZtZT+iQEIWwWWRMQEL/+YarctDuw5abEQAQU1Qvcasir7zn1ZGVcbTUFIID6F hSygfu1+9REt85ZMXfo3R2970NQezcPgZcbSuA=
IronPort-HdrOrdr: A9a23:Ph4mJazzsUoVovk0Cqq1KrPxneskLtp133Aq2lEZdPULSKOlfp GV8MjziyWYtN9IYgBcpTiBUJPwJE81bfZOkMQs1MSZLXXbUQyTXc1fBOrZsnfd8kjFmNK1up 0QCpSWZOeAbmSSyPyKmjVQcOxQj+VvkprY/ds2pk0FJWoBCsFdBkVCe32m+yVNNVB77PECZf 6hD7981lydkAMsH6OG7xc+Lor+juyOsKijTQ8NBhYh5gXLpyiv8qTGHx+R2Qpbey9TwJ85mF K13TDR1+GGibWW2xXc32jc49B9g9360OZOA8SKl4w8NijssAC1f45sMofy/Qzd4dvfqGrCou O84SvIDP4Drk85uVvF5ScF7jOQkwrGLUWSjmNwz0GT5/ARDwhKdPapzbgpDCcxrXBQ5O2UmZ g7rl6xpt5ZCwjNkz/64MWNXxZ2llCsqX5niuILiWdDOLFuIYO5gLZvi3+9Kq1wah7S+cQiCq 1jHcvc7PFZfReTaG3YpHBmxJipUm4oFhmLT0AesojNugIm10xR3g8d3ogSj30A/JUyR91N4P nFKL1hkPVLQtUNZaxwCe8dSY+8C3DLQxjLLGWOSG6XXJ0vKjbIsdr68b817OaldNgBy4Yzgo 3IVBdCuWs7ayvVeLmzNV1wg2XwqUmGLEbQI5tlluhEU5XHNcnWDRE=
X-Talos-CUID: 9a23:9oXs8mjodN63LOUCgFKxW4TQtjJuT2Oa0XqNKXSBK29nFYevZgO/3I56nJ87
X-Talos-MUID: 9a23:EW6kRwvmtYw2ZSzhY82nlhAzKPtn4aGSEGMtmq0aq9ChEQx8JGLI
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="6.17,290,1747692000"; d="scan'208";a="47405897"
Received: from exo-hybrid-bi.ads.fraunhofer.de (HELO smtp.exch.fraunhofer.de) ([153.97.179.127]) by mail-mtaKA29.fraunhofer.de with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Dec 2025 11:18:12 +0100
Received: from XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) by XCH-HYBRID-03.ads.fraunhofer.de (10.225.9.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29; Tue, 16 Dec 2025 11:18:03 +0100
Received: from BEUP281CU002.outbound.protection.outlook.com (40.93.77.1) by XCH-HYBRID-04.ads.fraunhofer.de (10.225.9.46) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.29 via Frontend Transport; Tue, 16 Dec 2025 11:18:03 +0100
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=LNk8Ek0SV7Law7CmgzyqvKHVoPjJDRtug+t4yrt/WetfbbT/EaE0wBmUys+a/9ENemfGXbM8Ug2IVMheGTdA1X3n8ALS7P5w+4RAWwTmWGlT/0zm2Uqx6HuD04GyjOOa7SXwYC3WwICl3lqhQfpNg4xaJF43ZwvrkavKhjkpfFq768Xjb2SfI9GECc+2FVBm8iueHIPLIzo+1TA3fuFoY6lgzuO9mxAxklSkVlnsX9mblf/izJGv4bNpZVOnh6qxSJjD02mVE5SSeXw9dv1/90RqYflFMJepfSjjv9GFUaIsI9BmVTAomnO3Qt/P5qv9MJwetEuH8Q8mpPBJd4OxTw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=1QTAVFXo8Zbmp1rXJSbRIxRvOd/+V2FJEx/hS//LEJA=; b=gEvi+grI+mRFLNznjvRlMmxsK7HLQ+2AS/tnMyfJMC9DKnw8WJA61ilSrsvyQXwDYzq7mI1wrPEmUN0Ve26C/CmPYaN4c3Mz5ASQX8cywv/4Hq3s3UNA9SZz7fTlg47b4MILbyNjbG2ieYcFQRe89uGyDDJHRXIvgRFk15FS21ZTn/mZWm0Wt+tDpYmpoEF9puReIcmHVLGPfx8grlYV7Wmq0Cc+us78BSPNpnShSztMxdOvve9P/tBiyNG7yzE46oOjhFcTs+KNqYEeTseYs+2vpEJ5qVZRWBiYwQGbc0hZcjjQLW+e4RuyjDUqTeEF5hN3iDBj1td1aTR0GS60qA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=aisec.fraunhofer.de; dmarc=pass action=none header.from=aisec.fraunhofer.de; dkim=pass header.d=aisec.fraunhofer.de; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fraunhofer.onmicrosoft.com; s=selector2-fraunhofer-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=1QTAVFXo8Zbmp1rXJSbRIxRvOd/+V2FJEx/hS//LEJA=; b=J1tnFEM9uvl82/fX4YXGes5M4Vj48PxF49Ub1BB9IZ4lb2PCBOWaK27HaLEPROyZPT/8CFuHnCLOg+0KK6ZRSFbQjOcmMXiaD2GacBlHSNw+qXgjMDQTUqkXTNKFY8FfDclvANV5klGuOESTTsiwgRd2peFwt6DYTp87P1K+GuU=
Received: from FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d18::f66) by BEUP281MB3497.DEUP281.PROD.OUTLOOK.COM (2603:10a6:b10:99::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9412.13; Tue, 16 Dec 2025 10:17:54 +0000
Received: from FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM ([fe80::8d96:d427:50b0:8ad6]) by FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM ([fe80::8d96:d427:50b0:8ad6%3]) with mapi id 15.20.9412.011; Tue, 16 Dec 2025 10:17:54 +0000
From: "Bellebaum, Thomas" <thomas.bellebaum@aisec.fraunhofer.de>
To: "david=40alkaline-solutions.com@dmarc.ietf.org" <david=40alkaline-solutions.com@dmarc.ietf.org>, "nicholas.sullivan@gmail.com" <nicholas.sullivan@gmail.com>
Thread-Topic: [CFRG] Re: Pairing-Friendly Curves: Open Questions Before Draft Update
Thread-Index: AQHcbhu6N6pg/Su87U2D7u49ZFeZcrUkDkKA
Date: Tue, 16 Dec 2025 10:17:54 +0000
Message-ID: <e1a6085dc6762f407af67cdf5d54751e2975b744.camel@aisec.fraunhofer.de>
References: <CAOjisRy=_=+rGpjX-3=1uDNfhBrzKggrw+Ts8QVdebeGAtU3xg@mail.gmail.com> <B70B1FC1-BEF1-4C18-B5EB-B42703A9BE7C@alkaline-solutions.com>
In-Reply-To: <B70B1FC1-BEF1-4C18-B5EB-B42703A9BE7C@alkaline-solutions.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: FR1PPF809320EF6:EE_|BEUP281MB3497:EE_
x-ms-office365-filtering-correlation-id: 26fb6ea1-81ae-4020-a8b3-08de3c8c60a7
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|366016|376014|38070700021;
x-microsoft-antispam-message-info: KNVMD1fwFadw3yw6yHTj21uj8YecFfMKxkThYIs651Mxpnz8xlI8QduodElgR8Wwfq+WfNSURURQWrfEqK0U78G31ULKhmVfK2Tb3QXm8Iyk9pN1Tu+Vs5mfB4y0U2ogx8eQNSpRD/neSRD8PFwLDnYiZrcHo1ZbHXrPyr1nIu2K2SGFQm+MpBVCg0eyqmVIQmMuTeTyLGCNdDcLJqWoAIProAhnJ/I7L7aj0l/zBO/PwyjhtTfQ84DXmFlqaeX7sb8/bkxauYmK/Wi8yqba9V3VWASHVyXDhvTgBg24Yhd0cWNV8MD1yXA/jN6KidyaGzzkfRkRgnNbak0oWmNSqemsASGXtXAqHMFDqQr7D+kfd2ZVo/jIO69IUw/3Sicacy7K+akZxyoOgH4iRcZgeb7HQh6jWpMOus3+RCBSX5OrFTTjuvET3yKt2axZlP/hAqWIXFtULIEK93zXvC+GlX50RnqYIb+w3etV+QXZak/JY33hqMeKh5O+1QqKlcJsyjL7UGn75OZCcWkpYmzMeqJSGBK+5s+fwv4KrrrpCJU7CKx7dImz23QBLhQo5LRRYsjS6FEzQjO9aF/z2UsjhMQ+3eyK2ROUN0/Yw5TLyfJR8Y0LtYi9c5Yoe1XqbvjaCUeVrVLhuqMv7TmjQTHIzOljyyIVcMXwEMPjVe7W6fSUXPGsuroikcoaOAb6+cGeJofETp3wZmQsqLDkSsufcIUKogr9Y75ag7RszexXGYaTCZbflS5gTVU+Htrm13w410ngSW8WHxnPOwE0k03JZlOLEqsBdERq2Fvd8Hb/svCUYerbf6YPF2iHXsCs5frdiiibD2gNpumuwNNKe/h++AvB5VRgmI7nl4TaOkCYTTouZA8GO0tnmspuxQwTID822E9/yhY6BHQemQmW+DZYFzyHCUjNibKzVl2XBSDROhrowTkCzelbja31YJvlPzQkiEeVCShvLvjPDvP3fZjPf8VLVYLJJbrSQBkK5SPYy0/BFdo7t2abePRgwkbaHN67uUYrFcNBALlkLv6tAKCIrkWMT7kdTHSVDtnJ1LuA9/3cn+SejqSI9QbD9UzUccnutcsJ61/dJbvRkobRz1iP6a+yvrYfow0svOl7CpXuwDIkiz5eMeU1D9RXNze5nDGX6SAGx9Y1LL298GcMlTxLBTeH8JlwWedNC5jHlKPA9o28lT/sNAePB94TvftpkcvVboFae4MzTw6TNyLpPdond2bBXM9Wl3HekwNo6/KJNl4mNICuGFeg+ItWKkAMISjEFULuApCCNwxkBmtdFb1Pt4PFqML34pdMv5VP+GSJUPU78mqEDrHwqx4GY4cERDYyr8Wc2DAv0rqkegSZKtJdma5wJfCLJAIZv7kkN3I5zziSb3U6xAMLaUfqzgAW6G7dSuMG0+Fc3vm0JL4v3eMlK86cZkkuEMpgikYtuRsMBKlBSYBn3wPgMpurWFpmO9MAv0qWd9jxd+nMDdJomUbcnULGJUHjBF9DRk7KxoUmhrM4iHSfrtWxw+d4Yyqojiqj
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(38070700021);DIR:OUT;SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: YHMLmKYgajKrnWmLi/t3BWeIt1Z+EMptSfTkyY1GwEqDCDFKebpxfdPIpkEqqW1myTLe/kg5BUidB2E1jYCg9qn7tJFBMYFTTvoRMKNYUUrqZrNGVn58TwzbpWdcMvljE5kjlXiTxtvIXq8MZkr0KR9Z8Zj/6PpkHhDFDk0lGi9wxkKi3USP1rlUmySC2VVSGYti17QfUelUA7yA1e5Np3pXvBL2F0741jvKpb34AY7Xbwl97a8PQV1+SUQJasGhacJ9nytb4flS0IFnqsDFFFvnJdMq4Fuzu5rx4d3OJIzTW4k6I7Dl6iScd+3ke/eYJuidMZ5CK0wqZGtEs9wEH0tJMa7qDKvjg/ajjHFl1W88hLveDLBi8BXpabegPw9y4PWlL9KmRDlPRWsdCw464VyiR0II1cuorMBG40S0QpotMNSCyxo8Yi+5OlxWjCcbSA29SYV8EbUNAjZXnGlWsos9vjr40pCwjjb1zmasV0ByprrPxnV60aYrf6f1gfRw8ZEI9BEXGlPY9O4jLPDb4aKnTHbHVnVWmVzD34SiY8khIzD/U9YAI0V2CjnTYRNndwPHebAQjtZsug2/nqLw/VilvOL2PneEsKrTS8Vrzjcurz5+IbkHns+mvRZs2U1QDEX8BNw3Olp+AyU8cTb7UWNTfCM7Nc7kbtEGWdGDO57al0PnNZfRO0TKdrSnfqMRfaUouG5+eJwfI2Xdg7B44xuYIviZyyxFbtEPWEIg1L+tozsTEh9VTseCDJoLBXc1STbiJ5YQkOKrZx+to4JSam1IttBIaZ/u9WcRIefmmgv8CbFqO8FeQ8sDq92RPGbRTASmRW+5Cgy3cpsiKW7p0ScyCY21GBXRaV/38k8JLQuutalQtfH10spOQdw0Le6K+KaBcAKd3OKuwmsvd3UotVJ2I3sVOEAUcnfcSJ9Ey/Koo81DwHcvYAPGV06lq9UI9d5TFbjD0Zr/Z6pFPK4g6h008bYIXJMUIkJfMyjzIZCz/XRGGREe7/oci2rgOVldcrePzyzNWPZeggzlq2xjPBcjzZ9ITnPHWuDEWRmEw6fNlxv7n9ScR2srPEnphz/7BSgBYXe3S8BXlB5Pji+K/kS3efaRLFedkKaeki3Gdnzk465W/07grrW5GtXj1a9IRtO04RoqLP+1CvW3ZYbpQaBU/T2leAmH1iparZpJ+ArbCLYMuBpsIruVHxFQBTyPizLu/PnWoCwuNKLbs7vpGeuMpO234ouhMXa+PGb3Ce5Mu4dcvRXFRe3IkujVyTNsfkU5vLOq5/7I9gEdYe8D7xoOv6o08fz5AWcivH/ecKO5MmF1qoWSHImZaZ7rLwGvChaTijMcSExlz92bETCu92WjgYb5o1ns7ZE6NefIAN78nJpRSox7V2XKAjgoESWyfJ/kRoqT13nrewPWzwVQYCP3tzuWWlJY1ffJErrFibDXjrMSkQs7nDj9A0E3evBrnGdE9B0EERSMy7hkI9A9xV8ZCKZhl2R7ruhWebYttXfjwKT0iG5MqgGB0TJHmjDF2wYAf9kirGCVVjkkx+3TQpmY7CB3Q+nxYs+A7VPmsJpfDlZTOBxmCgTWQ+t/M5pGaDqAr/J9hEAjmf3xF5RgHEx1cxc21h4SXNO1nufpVDc=
Content-Type: text/plain; charset="utf-8"
Content-ID: <350B22A0CB108E4EA81A520D802963D3@DEUP281.PROD.OUTLOOK.COM>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: FR1PPF809320EF6.DEUP281.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 26fb6ea1-81ae-4020-a8b3-08de3c8c60a7
X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Dec 2025 10:17:54.7540 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f930300c-c97d-4019-be03-add650a171c4
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 4/DZU+3wpwYK3nnt+OsKX0V3SvQ3urPBztugzp2k6HsF/FR6zEUjGUZRVNRXL4XbgsguNEdTibVWs61NmcnRuBd9YSxJI0tBv5n9nHBk/KSS0g+hNtC6kagMLh+tPTyr
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BEUP281MB3497
X-OriginatorOrg: aisec.fraunhofer.de
Message-ID-Hash: A6NDNE4E2KVFVI3IPJNKRFAWN5EGLDD3
X-Message-ID-Hash: A6NDNE4E2KVFVI3IPJNKRFAWN5EGLDD3
X-MailFrom: thomas.bellebaum@aisec.fraunhofer.de
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cfrg.irtf.org-0; header-match-cfrg.irtf.org-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "cfrg@irtf.org" <cfrg@irtf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [CFRG] Re: Pairing-Friendly Curves: Open Questions Before Draft Update
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/gorMiOCYlpyPSDGOEOP-gZkwf3U>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Owner: <mailto:cfrg-owner@irtf.org>
List-Post: <mailto:cfrg@irtf.org>
List-Subscribe: <mailto:cfrg-join@irtf.org>
List-Unsubscribe: <mailto:cfrg-leave@irtf.org>

Hi David,

> In the BLS case, that encoding should be a subset of the ZCash-based serialization, restricting that “C" is always 1 and “I" is always 0. BBS I believe constrains the algorithm to only support compressed points, but does not constrain serializing infinity.

BBS does constrain deserializing infinity, but not centrally in appendix B.2.
Instead, points are validated as follows:

- The public key is validated to not be Identity_G2 in octets_to_pubkey, line 4. It is preceded by a subgroup check.
- The proof points Abar, Bbar and D are validated to not be Identity_G1 in octets_to_proof, line 7. This test is followed by a subgroup check.
- The signature value A is validated to not be Identity_G1 in octets_to_signature, line 6. This test is followed by a subgroup check.

For blind signatures:

- The commitment C is validated to not be Identity_G1 in octets_to_commitment_with_proof, line 6. There is no subgroup check, which may or may not be an oversight. There is an implicit subgroup check provided by the associated proof (which asserts that the prover knows how to generate C through the set of generators), but if we go for this logic then there is no need to perform a subgroup check for all three of Abar, Bbar and D above...

It is interesting to note that deserialize_and_validate_commit returns Identity_G1, but does so deliberately to reuse existing code paths in case there is no commitment. In no realistic scenario should an identity ever be serialized or deserialized (assuming access to unbiased random bits).

Best regards,

-- TBB

v2.40.4 | Report a Bug | By Email | System Status