IETF Logo Mail Archive

Re: [Cfrg] Call for adoption: draft-yonezawa-pairing-friendly-curves

SAITO Tsunekazu <tsunekazu.saito.hg@hco.ntt.co.jp> Thu, 19 September 2019 10:57 UTC

Return-Path: <tsunekazu.saito.hg@hco.ntt.co.jp>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D719C1209CA for <cfrg@ietfa.amsl.com>; Thu, 19 Sep 2019 03:57:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b5G8Y9qS0NpA for <cfrg@ietfa.amsl.com>; Thu, 19 Sep 2019 03:57:27 -0700 (PDT)
Received: from dish-sg.nttdocomo.co.jp (dish-sg.nttdocomo.co.jp [202.19.227.74]) by ietfa.amsl.com (Postfix) with ESMTP id C378F120B0A for <cfrg@ietf.org>; Thu, 19 Sep 2019 03:57:26 -0700 (PDT)
X-dD-Source: Outbound
Received: from zssg-mailmd102.ddreams.local (zssg-mailmd900.ddreams.local [10.160.172.63]) by zssg-mailou101.ddreams.local (Postfix) with ESMTP id 5548D1200E4 for <cfrg@ietf.org>; Thu, 19 Sep 2019 19:57:26 +0900 (JST)
Received: from zssg-mailcc302.ddreams.local (zssg-mailcc302.ddreams.local [10.160.162.153]) by zssg-mailmd102.ddreams.local (dDREAMS) with ESMTP id <0PY200FWIRRPR5C0@dDREAMS>; Thu, 19 Sep 2019 19:57:25 +0900 (JST)
Received: from zssg-mailcc301 (localhost [127.0.0.1]) by zssg-mailcc302.ddreams.local (unknown) with SMTP id x8JAvP6l043103; Thu, 19 Sep 2019 19:57:25 +0900
Received: from zssg-mailmf101.ddreams.local (unknown [127.0.0.1]) by zssg-mailmf101.ddreams.local (Postfix) with ESMTP id 9C61B7E6036; Thu, 19 Sep 2019 19:57:19 +0900 (JST)
Received: from zssg-mailmf101.ddreams.local (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9A83D8E6051; Thu, 19 Sep 2019 19:57:19 +0900 (JST)
Received: from localhost (unknown [127.0.0.1]) by IMSVA (Postfix) with SMTP id 98C208E6054; Thu, 19 Sep 2019 19:57:19 +0900 (JST)
X-IMSS-HAND-OFF-DIRECTIVE: localhost:10026
Received: from zssg-mailmf101.ddreams.local (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BEABA8E6054; Thu, 19 Sep 2019 19:57:18 +0900 (JST)
Received: from zssg-mailua102.ddreams.local (unknown [10.160.172.62]) by zssg-mailmf101.ddreams.local (Postfix) with ESMTP; Thu, 19 Sep 2019 19:57:18 +0900 (JST)
Received: from rcR9101293 (unknown [10.171.96.154]) by zssg-mailua102.ddreams.local (dDREAMS) with ESMTPA id <0PY200JH8RRC6B60@dDREAMS>; Thu, 19 Sep 2019 19:57:12 +0900 (JST)
From: SAITO Tsunekazu <tsunekazu.saito.hg@hco.ntt.co.jp>
References: <2E880A9A-78D2-4CE0-9C73-57AA73582D2D@inf.ethz.ch> <627acfce-29a9-753e-6cbb-24dd142df560@gmail.com>
In-reply-to:
Date: Thu, 19 Sep 2019 19:57:12 +0900
Message-id: <000701d56ed8$fdd2a750$f977f5f0$@hco.ntt.co.jp_1>
MIME-version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-index: AQGAnI2JCM2pBVcutDJL+ChfC5VzZAIw6xpMp8rhSvCAAAiqcIAABAGQgAADgZA=
Content-language: ja
X-TM-AS-GCONF: 00
To: cfrg@ietf.org
X-CC-Mail-RelayStamp: CC/Mail Relayed
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/lKIwd-KVZcorau65a0WWXIeDOoI>
Subject: Re: [Cfrg] Call for adoption: draft-yonezawa-pairing-friendly-curves
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Sep 2019 10:57:36 -0000

Dear Rene

This is SAITO Tsunekazu. I am the co-author of draft-yonezawa.

Thank you for your comments about data conversion in Section 2.5.
We will be careful to correct the typo etc. in the next draft. 

(1) Description of Data Conversion
Riad also asked us if we need to describe data conversion.
At that time, Shoko responded that we were considering just a mathematical parameter range as the draft range.
Certainly, if it is necessary to describe the data conversion for implementation, we can describe it separately in the appendix as follows.
https://info.isl.ntt.co.jp/crypt/psec/dl/iso/psec-kem_v2.2_20080414e.pdf

(2) Data Conversion Between Extension Field Element and Octet String.
There are two main methods for this conversion as you said.

(A) a method to assign the characteristic to an indeterminate.
For extension field element as polynomial x = s_0 + s_1 * u + ... + s_{n-1} *u^{n-1}, one assign the prime and compute an integer
int(x) = s_0 + s_1 * p + ... + s_{n-1} *p^{n-1}.
Then we convert to octet string. 

Advantages of this method are
* Adopted by other standards like IEEE and ANSI to ensure consistency.
* You only need to check if the element of the finite field is correct when converted to an integer.

(B) a method of concatenation of each coefficient.
For extension field element as polynomial x = s_0 + s_1 * u + ... + s_{n-1} *u^{n-1}, one concatenate each coefficient s_i oct (x) = s_0 ||s_1|| ... ||s_{n-1}. 

Advantages of this method are
* Fast implementation.
* Easy to implement. 

We understand that there are good points to either method, so we briefly described the conversion method of (A) according to different standards and historical backgrounds. 

Best Regards,
SAITO Tsunekazu

-----Original Message-----
From: Rene Struik <rstruik.ext@gmail.com> 
Sent: Friday, September 6, 2019 10:52 PM
To: Paterson Kenneth <kenny.paterson@inf.ethz.ch>; cfrg@ietf.org
Cc: draft-yonezawa-pairing-friendly-curves.authors@ietf.org; cfrg-chairs@ietf.org
Subject: Re: [Cfrg] Call for adoption: draft-yonezawa-pairing-friendly-curves

Dear colleagues:

I am neutral with respect to adoption of this draft.

I do have an organizational remark regarding CFRG work items, though: if this draft is adopted by the CFRG as a working group document, I would suggest moving the description of the curves isogenous to BLS-12-381 as described in Appendix C of draft-irtf-cfrg-hash-to-curve-04 to the pairing curve document, so as to keep the curve mapping document clean and keep all core pairing-related stuff in one document.

Section 2.5:
a) s = s_0 + s_1 * p + ... + s_{d - 1} * i^{d - 1} should read s = s_0 +
s_1 * i + ... + s_{d - 1} * i^{d - 1}, since it is a polynomial in indeterminate i.
b) Is there a a reason to represent this as s = s_0 + s_1 * p + ... + s_{d - 1} * p^{d - 1}, in lowest-coefficient-first order, rather than in highest-coefficient-first order? Why not represent this as right-concatenation of the representation of the polynomial coefficients s_0, ..., s_{d-1} in GF(p) instead, so each of these can be easily extracted individually?
c) The IEEE 1363a-2004 specification referenced is not publicly available (well, without paying ~ $100).

Best regards, Rene

On 9/6/2019 7:36 AM, Paterson Kenneth wrote:
> Dear CFRG,
>
> This email commences a 2-week call for adoption for draft-yonezawa-pairing-friendly-curves:
>
> https://datatracker.ietf.org/doc/draft-yonezawa-pairing-friendly-curve
> s/
>
> Please give your views on whether this document should be adopted as a CFRG draft, and if so, whether you'd be willing to help work on it/review it.
>
> Thanks,
>
> Kenny (for the chairs)
>
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg


--
email: rstruik.ext@gmail.com | Skype: rstruik
cell: +1 (647) 867-5658 | US: +1 (415) 690-7363

v2.23.0 | Report a Bug | By Email