Re: [Cfrg] ECC reboot (Was: When's the decision?)

David Leon Gil <coruus@gmail.com> Fri, 17 October 2014 19:19 UTC

In-Reply-To: <0FC829CD89DE224E98637A5D757BC1B81F0245DD@GSBEEX01.int.gematik.de>
References: <0FC829CD89DE224E98637A5D757BC1B81F0245DD@GSBEEX01.int.gematik.de>
From: David Leon Gil <coruus@gmail.com>
Date: Fri, 17 Oct 2014 15:19:06 -0400
Message-ID: <CAA7UWsXTWQGUv-RNPMK+EKNFygfcaUPF14R6Y=b2CKaSjHB9hg@mail.gmail.com>
To: "Hallof, Andreas" <Andreas.Hallof@gematik.de>
Content-Type: text/plain; charset=UTF-8
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/j2kqp4vx17Q04Zn9BnFCOW3VzFk
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] ECC reboot (Was: When's the decision?)
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
X-List-Received-Date: Fri, 17 Oct 2014 19:19:31 -0000

On Fri, Oct 17, 2014 at 11:24 AM, Hallof, Andreas
<Andreas.Hallof@gematik.de> wrote:
> If, independently of each other, three different chipcard manufacturers tell me they prefer using curves with random primes, then this tells me something.

It tells you that, like most semiconductor companies, they are
cheapskates. They would rather you continue to use their (existing)
inadequately protected solutions, so that they can save on design
costs.

If they can cite published work that shows that a higher level of
assurance can be achieved, given a correctly implemented masking
scheme, by using a random prime, they are free to share one.

(The previous citation from the manufacturers, AFAIK, shows an attack
on the sort of blinding scheme Joye and others have demonstrated is
inadequate -- and which does not even pass a basic smell test.)