Re: [Cfrg] Adoption of draft-agl-cfrgcurve-00 as a RG document
Andrey Jivsov <crypto@brainhub.org> Fri, 09 January 2015 00:11 UTC
On 01/08/2015 01:51 PM, Watson Ladd wrote:
> Three points:
>
> 1: There are recurring security issues caused by not sending
> compressed points, as well as additional complexity
> 2: We're not talking about signatures in this draft.
> 3: Options are bad.

Regarding options, this draft is a foundational document of a low-level crypto primitive. Protocols above can still pick a single wire format. The spec should allow, for example, S/MIME to select (x) for space saving, while TLS to select (x,y) for performance. (I am not making these choices here).

The entire document is an optional primitive. SuiteB and Brainpool curves will be around for a while.

One might say that the proposed tweak retains a single format, which is (x,y), with an available (internal) optimization to use x with a Montgomery ladder.

Re: security issues, the easiest fix would be to add one paragraph to check that (x,y) is on the curve. The spec already deals with the cofactor>1 in section 9.1.
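The on-curve check proposed in the message above, sketched as an added example (not part of the original message or of the draft). It uses the Curve25519 Montgomery equation y^2 = x^3 + 486662x^2 + x over GF(2^255 - 19); the 64-byte little-endian x||y encoding and the function names are assumptions made for illustration.

```python
# Added example: validate an (x, y) input before using it in scalar multiplication.
P = 2**255 - 19                    # field prime
A = 486662                         # Montgomery coefficient of Curve25519
SQRT_M1 = pow(2, (P - 1) // 4, P)  # square root of -1 (2 is a non-residue mod P)

def curve_rhs(x):
    """Right-hand side x^3 + A*x^2 + x of the curve equation, mod P."""
    return (x * x * x + A * x * x + x) % P

def is_on_curve(x, y):
    """True only for canonical coordinates that satisfy the curve equation."""
    if not (0 <= x < P and 0 <= y < P):
        return False               # reject non-canonical (unreduced) values
    return (y * y) % P == curve_rhs(x)

def recover_y(x):
    """Return one y with (x, y) on the curve, or None if x has no such y."""
    a = curve_rhs(x)
    c = pow(a, (P + 3) // 8, P)    # P = 5 (mod 8): c^2 is a or -a when a is a square
    if (c * c) % P == a:
        return c
    c = (c * SQRT_M1) % P
    if (c * c) % P == a:
        return c
    return None                    # a is a non-residue: no point with this x

def parse_xy(data):
    """Parse the hypothetical 64-byte x||y encoding; raise if not on the curve."""
    if len(data) != 64:
        raise ValueError("expected 64 bytes")
    x = int.from_bytes(data[:32], "little")
    y = int.from_bytes(data[32:], "little")
    if not is_on_curve(x, y):
        raise ValueError("point is not on the curve")
    return x, y

if __name__ == "__main__":
    # Constructed sample: the base point x = 9 with a recovered y.
    y = recover_y(9)
    good = (9).to_bytes(32, "little") + y.to_bytes(32, "little")
    print("valid point accepted:", parse_xy(good) == (9, y))
    print("tampered y accepted:", is_on_curve(9, (y + 1) % P))
```

This covers only curve membership; cofactor handling is a separate step, which the message says the spec addresses in section 9.1.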