Re: [Cfrg] Safecurves draft

Bodo Moeller <bmoeller@acm.org> Thu, 09 January 2014 22:44 UTC

Return-Path: <SRS0=d0zJ=WP=acm.org=bmoeller@srs.kundenserver.de>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FB531AC82A for <cfrg@ietfa.amsl.com>; Thu, 9 Jan 2014 14:44:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.467
X-Spam-Level:
X-Spam-Status: No, score=-1.467 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.538, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0CEw3Ain5kfO for <cfrg@ietfa.amsl.com>; Thu, 9 Jan 2014 14:44:05 -0800 (PST)
Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.17.8]) by ietfa.amsl.com (Postfix) with ESMTP id E54821AC85E for <cfrg@irtf.org>; Thu, 9 Jan 2014 14:44:04 -0800 (PST)
Received: from mail-oa0-f51.google.com (mail-oa0-f51.google.com [209.85.219.51]) by mrelayeu.kundenserver.de (node=mreu1) with ESMTP (Nemesis) id 0M7Wnz-1VDHx70bcF-00wZae; Thu, 09 Jan 2014 23:43:54 +0100
Received: by mail-oa0-f51.google.com with SMTP id m1so4166506oag.24 for <cfrg@irtf.org>; Thu, 09 Jan 2014 14:43:52 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=g48Nvh+ek2HEFrRu1kuQusKyHAttmSDR6WY1IqH6qHw=; b=BRmiguQcb14RyiQzGlXD/1rVyzha4qboMOPU4zT8OI6LUSimP08wjTAur9GaQktjTZ DYyFMtqOaNQXfsMUZxqEI9PkdsTIFnQMl+5HMvTvwjAB77PX/ro+ecGgxuGecaBmhWWM 1VdOp6sRLrAVcL73eElnWMTFR7tzkNxOWaG5Q/JAOR8imK9VPwDqkJs+UzQBBVcqesey uyG8CXsx/8ZdskUlzLoQIOr7HVtziLQHhDU532Me8vn/vhnnw/XQ9F5LzbfynoYs5V04 vm+dS0akX5ymReJTbGhEERLsSbQBN2W+Gz4hZnPYsKzStJ14Wm64UVCzGQRh/PeYUR9T ezKA==
MIME-Version: 1.0
X-Received: by 10.60.144.228 with SMTP id sp4mr4251929oeb.29.1389307432968; Thu, 09 Jan 2014 14:43:52 -0800 (PST)
Received: by 10.60.142.129 with HTTP; Thu, 9 Jan 2014 14:43:52 -0800 (PST)
In-Reply-To: <7BAC95F5A7E67643AAFB2C31BEE662D018B7ED7266@SC-VEXCH2.marvell.com>
References: <CACsn0cn4paZTmeVExn+na0MwzdvSn+MF_bmyRZ869pJrWb_8Bg@mail.gmail.com> <52CF1634.6000300@akr.io> <7BAC95F5A7E67643AAFB2C31BEE662D018B7ED7266@SC-VEXCH2.marvell.com>
Date: Thu, 9 Jan 2014 23:43:52 +0100
Message-ID: <CADMpkcLJj+H8mia09GYKs1FPKp5e1q8YwwdHmiadNoY5msyvjQ@mail.gmail.com>
From: Bodo Moeller <bmoeller@acm.org>
To: Paul Lambert <paul@marvell.com>
Content-Type: multipart/alternative; boundary=047d7b41ccbc06a96d04ef915894
X-Provags-ID: V02:K0:/ftfjgXndMMvScSq2Fzgl8eq+0Pwjdll58qPAfRhVlG xFnZxH9nLWuLW2icCKUGHlbxIF51ZkwdH50wfZzxPeldcx9/Jp 1WvO7bYYmeSHHLu63OuLEPRxs5j3B+76MSoE5Pt2zEJzuuWQNs wPh+3ObB1S8V8Mr6uhUq+ZFFdxY/jrGtoM7BjubLRfy/KhOz1/ um0FhYUHVih8nYyLYpydw4cC1w+ce/wAdnk52hsqzCSu+q9vzL ff8nG2XtX1cFHZu/Dwok2UwtxwPJQBp02AM34WJhqXPhitKssa KN71TQHRmuepliB61vBSiv5ZcWBAEbAAgdHc8LhTM7p/j9KPx1 zl8djHkACkf1/mWOeG1aHRNlhpbSfSfbnktoUwNUn/TGj7e7OY K/L8+hqyICWQiFCOGk3nonrCIwrsy8p3tIQD0LakBskJG/UUYG 3rtJ/
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] Safecurves draft
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jan 2014 22:44:06 -0000

Paul Lambert <paul@marvell.com>om>:


> This need not be an issue if the new names are clearly distinguishable
> and mapped to the old names.  For example: 'secp256r1' is identical to
> the later 'nistP521'
>
> I suggest that we reuse a similar nomenclature.  It would make the new
> curves
> look like equals in notation, provide a consistent nomenclature,
> And the postfix 'r1', 'r2' notation is handy for new parameters or
> generator
> points in the same curve/field.
>
> Proposal:
>  - first four characters define the curve type/equation/math/etc
>  - next 3 or more numbers are the field size
>  - next characters carry an 'r' followed by a revision indication
>
> curve3617 -> edwp414r1
>

"r1" in SECG curves indicates that it's "random" curve number 1 (as opposed
to "k1", which would be a Koblitz curve).  Of course the new names don't
have to look anything like SECG curve names, but if they do, that very
different meaning for a very similar postfix could end up causing some
confusion.  So I think you might want to adjust the proposal to
give curve3617 a name of the form "...p414ed1" instead.

Bodo