Re: [Cfrg] ISE seeks help with some crypto drafts

"D. J. Bernstein" <djb@cr.yp.to> Fri, 08 March 2019 18:39 UTC

Date: Fri, 08 Mar 2019 18:39:26 -0000
Message-ID: <20190308183926.4615.qmail@cr.yp.to>
From: "D. J. Bernstein" <djb@cr.yp.to>
To: cfrg@irtf.org
Mail-Followup-To: cfrg@irtf.org
In-Reply-To: <B536DE62-B202-4484-91AE-DDF7C3DD9503@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/msODdLeh-TPxmQ5Oyew6_KKweZg>
Subject: Re: [Cfrg] ISE seeks help with some crypto drafts

Time for security reviewers is a precious resource in cryptography. It
should be focused on the cryptographic systems that will have maximum
impact. I would therefore support a CFRG policy against spending time on
anything with a patent that doesn't expire soon (1 year? 2 years?).

However, I also think that this policy shouldn't be triggered without

   * a statement of the patent number and relevant claims (so other
     people have a way to check that there's actually a problem) and

   * a statement of the expiration date of the patent (so other people
     can see when it's safe to return to something previously patented).

It would have been helpful for users if, e.g., ECDSA standards had said
"We're using the following inferior design choices from NSA to avoid the
following claims from Schnorr patent 4995082, which will expire in 2008."

---Dan