Re: [Cfrg] Fwd: [TLS] Curve25519 in TLS and Additional Curves in TLS
Andrey Jivsov <crypto@brainhub.org> Tue, 28 January 2014 08:26 UTC
Return-Path: <crypto@brainhub.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84C6F1A005E for <cfrg@ietfa.amsl.com>; Tue, 28 Jan 2014 00:26:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YOouMve2WN4m for <cfrg@ietfa.amsl.com>; Tue, 28 Jan 2014 00:26:05 -0800 (PST)
Received: from qmta07.emeryville.ca.mail.comcast.net (qmta07.emeryville.ca.mail.comcast.net [IPv6:2001:558:fe2d:43:76:96:30:64]) by ietfa.amsl.com (Postfix) with ESMTP id 9C0A51A003E for <cfrg@irtf.org>; Tue, 28 Jan 2014 00:26:05 -0800 (PST)
Received: from omta04.emeryville.ca.mail.comcast.net ([76.96.30.35]) by qmta07.emeryville.ca.mail.comcast.net with comcast id KLS31n0010lTkoCA7LS3g0; Tue, 28 Jan 2014 08:26:03 +0000
Received: from [192.168.1.8] ([71.202.164.227]) by omta04.emeryville.ca.mail.comcast.net with comcast id KLS11n00H4uhcbK8QLS28c; Tue, 28 Jan 2014 08:26:02 +0000
Message-ID: <52E76999.5030809@brainhub.org>
Date: Tue, 28 Jan 2014 00:26:01 -0800
From: Andrey Jivsov <crypto@brainhub.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Robert Ransom <rransom.8774@gmail.com>
References: <87ob3456s1.fsf@latte.josefsson.org> <CABqy+spt7BYqjsqLAkZssGp3aY9M+iLqV+pmyr7ZN-TXmJJpVg@mail.gmail.com> <52E060D0.9030801@polarssl.org> <CABqy+spJoswrPovxf18QS1SGdk6K=mfny6joJm3X24Vh65oagQ@mail.gmail.com> <52E0E241.40406@polarssl.org> <CABqy+sqs31ATDWJSum55m1o5pRvw8Wq5GtB-mF-hgP2emB5eFQ@mail.gmail.com> <CABqy+sozYSOTh7pbUS2GXf=4kYV3zgztXZBa10Bx=s-N8zHHyA@mail.gmail.com> <CABqy+soSojSMfx=yU9eFhmAeuJaJ_r=4h=RDR6JtOchYZ9zsQA@mail.gmail.com> <52E1BAE0.8060809@brainhub.org> <CABqy+sqpJr8Vki7-hP4nvwz0VP6+-1RnZ8taz6MZsxkWXfm8FA@mail.gmail.com>
In-Reply-To: <CABqy+sqpJr8Vki7-hP4nvwz0VP6+-1RnZ8taz6MZsxkWXfm8FA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20121106; t=1390897563; bh=fue3FK6GKAKrACR57wo2fxE7WqSlm8MjSkFRBwNYhr0=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=WpSXkD4nKwK2ruiSegGSUqlvwREJl17FQuix61tGbyVGecZEX1GAH3VgW8Tpjjnns 82cw+9wrv5oU4PnK1qK5BuiE8orgwclWdtFB+WicFIjZfgBohR6RCKLfaC5lVtsFji VmXn+bU0uCIpk81Aa3Wd4+Kzu5JD2Jg9PIu5DTxpiYcJlWkyfhPC4Vl5GJoWmhHj8c zEoRMsL94Hg9OF3K3LjZT9BODkkGQi+9SXc++nKa7uaRHX/t4p5a8fbgE3CdAueJVS QzMe5faTehcrDrNsYMuQgMp9yebU9S2dfx9aziGcEpaQk8qY124+yo+jFk1QV2wyay 0Z/YeK3Kt0s/w==
Cc: cfrg@irtf.org
Subject: Re: [Cfrg] Fwd: [TLS] Curve25519 in TLS and Additional Curves in TLS
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jan 2014 08:26:07 -0000
On 01/23/2014 06:58 PM, Robert Ransom wrote: > On 1/23/14, Andrey Jivsov <crypto@brainhub.org> wrote: > >> Wouldn't http://tools.ietf.org/html/draft-jivsov-ecc-compact be another >> method? > >> ( BTW, the proposal in the draft is in public domain since it was >> published on December 10, 2012. ) > > Are you claiming that the point format that I suggested is patented? I was making a statement about my contribution, in case this issue comes up. The IP for the use of 1 bit to compress a point is a common knowledge, but I've heard that some of them are expiring. However, I am concerned about the cofactor issue. These curves have the cofactor greater than 1. Unlike "unsafe" NIST curves, this needs to be handled. The draft suggest methods that, as I understand them, may run into IP issues. Besides, there may be protocols that want to do classic DH. One solution to these issues is to enumerate the points in the small subgroup, explicitly in the document, or by providing the method to identify them.
- [Cfrg] Fwd: [TLS] Curve25519 in TLS and Additiona… Robert Ransom
- Re: [Cfrg] Fwd: [TLS] Curve25519 in TLS and Addit… Andrey Jivsov
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Michael Hamburg
- Re: [Cfrg] Fwd: [TLS] Curve25519 in TLS and Addit… Robert Ransom
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Robert Ransom
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Mike Hamburg
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Andrey Jivsov
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Michael Hamburg
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Andrey Jivsov
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Michael Hamburg
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Andrey Jivsov
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Robert Ransom
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Andrey Jivsov
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Watson Ladd
- Re: [Cfrg] [TLS] Curve25519 in TLS and Additional… Dan Harkins
- Re: [Cfrg] Fwd: [TLS] Curve25519 in TLS and Addit… Andrey Jivsov
- Re: [Cfrg] Fwd: [TLS] Curve25519 in TLS and Addit… Robert Ransom
- Re: [Cfrg] Fwd: [TLS] Curve25519 in TLS and Addit… Andrey Jivsov