Re: [Cfrg] Consensus and a way forward

Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 27 November 2014 06:51 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/hue0hCgqvx0yLV5-4QG8sihBEWg

Hi Benjamin,

while I applaud that you are trying to find a way forward, your mail
almost sounds like you are acting as one of the chairs of the group.

From a process point of view only the chairs can call for consensus; I
am sure it is just unfortunate wording and you are providing another
proposal for the group to consider.

Ciao
Hannes

On 11/27/2014 05:25 AM, Benjamin Black wrote:
> All,
> 
> Over the past couple of weeks we have been working with Adam Langley to
> see if we could find a compromise with which we could all live. I'm
> pleased to say we have been successful in accommodating our respective
> performance and trustworthy generation concerns, and I hope the
> resulting proposal will be attractive to others, as well. The generation
> procedure is documented in a draft I've just posted that can be found at
> http://www.ietf.org/id/draft-black-rpgecc-00.txt .
> 
> The simplest summary is that we have combined the prime preferred by
> Adam and others at the 128-bit security level with the rigid parameter
> generation we view as essential for producing the most trustworthy
> curves. We have used the generation procedure to produce a new twisted
> Edwards curve based on 2^255 - 19 and a new Edwards curve based on 2^384
> - 317. These new curves are given as test vectors in the draft, and are
> also given below.
> 
> These 2 curves are sufficient for meeting the request from TLS. However,
> if there is strong interest in a 3rd curve for the 256-bit security
> level, the generation procedure gives the same curve with p = 2^521 - 1
> as several teams produced.
> 
> 
> b
> 
> --
> 
> 2^255 - 19
> 
>    p = 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>          FFFFFFFFFFED
>    d = 0x15E93
>    r = 0x2000000000000000000000000000000016241E6093B2CE59B6B9
>          8FD8849FAF35
> x(P) = 0x3B7C1D83A0EF56F1355A0B5471E42537C26115EDE4C948391714
>          C0F582AA22E2
> y(P) = 0x775BE0DEC362A16E78EFFE0FF4E35DA7E17B31DC1611475CB4BE
>          1DA9A3E5A819
>    h = 0x4
> 
> 
> 2^384 - 317
> 
>      p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>            FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEC3
>      d = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
>            FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD19F
>      r = 0x3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE2471A1
>            CB46BE1CF61E4555AAB35C87920B9DCC4E6A3897D
>   x(P) = 0x61B111FB45A9266CC0B6A2129AE55DB5B30BF446E5BE4C005763FFA
>            8F33163406FF292B16545941350D540E46C206BDE
>   y(P) = 0x82983E67B9A6EEB08738B1A423B10DD716AD8274F1425F56830F98F
>            7F645964B0072B0F946EC48DC9D8D03E1F0729392
>      h = 0x4
> 
>
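
Anyone receiving curve parameters such as those quoted above can check them for internal consistency before use. The following is an added example, not part of either message or of the draft: it tests the 2^255 - 19 values for primality of p and r, the Hasse bound on h*r, base-point membership and base-point order. It assumes the twisted Edwards form -x^2 + y^2 = 1 + d*x^2*y^2 (a = -1); all function names are illustrative.

```python
# Added example: consistency checks for the 2^255 - 19 parameters quoted above.
# Assumption: twisted Edwards form  a*x^2 + y^2 = 1 + d*x^2*y^2  with a = -1.
P = 2**255 - 19
A, D, H = -1, 0x15E93, 0x4
R = int("2000000000000000000000000000000016241E6093B2CE59B6B9" "8FD8849FAF35", 16)
GX = int("3B7C1D83A0EF56F1355A0B5471E42537C26115EDE4C948391714" "C0F582AA22E2", 16)
GY = int("775BE0DEC362A16E78EFFE0FF4E35DA7E17B31DC1611475CB4BE" "1DA9A3E5A819", 16)
IDENTITY = (0, 1)

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    # Miller-Rabin with fixed bases (a probabilistic test for numbers this large)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    s, d = 0, n - 1
    while d % 2 == 0:
        s, d = s + 1, d // 2
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1) or any((x := x * x % n) == n - 1 for _ in range(s - 1)):
            continue
        return False
    return True

def on_curve(x, y):
    return (A * x * x + y * y - 1 - D * x * x * y * y) % P == 0

def add(p1, p2):  # unified twisted Edwards addition, affine coordinates
    (x1, y1), (x2, y2) = p1, p2
    t = D * x1 * x2 * y1 * y2 % P
    x3 = (x1 * y2 + y1 * x2) * pow(1 + t, -1, P) % P
    y3 = (y1 * y2 - A * x1 * x2) * pow(1 - t, -1, P) % P
    return (x3, y3)

def scalar_mult(k, pt):  # double-and-add; not constant time, for checking only
    acc = IDENTITY
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def check_params():  # the order check runs only when the base point is on the curve
    base_ok = on_curve(GX, GY)
    return {"p_prime": is_probable_prime(P), "r_prime": is_probable_prime(R),
            "hasse": (H * R - (P + 1)) ** 2 <= 4 * P, "base_on_curve": base_ok,
            "order_r": base_ok and scalar_mult(R, (GX, GY)) == IDENTITY}
```

Every entry in the dict returned by `check_params()` should be `True` before the parameters are used; a `False` points to a transcription error or an inconsistent parameter set.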