[Cfrg] FourQ draft now available

Watson Ladd <watsonbladd@gmail.com> Thu, 22 September 2016 14:29 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4AE2D12B110 for <cfrg@ietfa.amsl.com>; Thu, 22 Sep 2016 07:29:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZvH8KuZyDcMM for <cfrg@ietfa.amsl.com>; Thu, 22 Sep 2016 07:29:06 -0700 (PDT)
Received: from mail-ua0-x230.google.com (mail-ua0-x230.google.com [IPv6:2607:f8b0:400c:c08::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2DC412B80B for <cfrg@irtf.org>; Thu, 22 Sep 2016 07:05:32 -0700 (PDT)
Received: by mail-ua0-x230.google.com with SMTP id u68so729095uau.0 for <cfrg@irtf.org>; Thu, 22 Sep 2016 07:05:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=JkXFidvrw3wcbwGxML0/X3RYNmlJWDBz6aPg6rXW37Y=; b=UZnSG3RAK5zvt/HEKjmrZg7L/J043KOZJlqiXiMKyuMk5gMFMG4OlQ4AbjzUTfceM7 KINCJB3MYH9SfIlsxqTwqHpEdi7/yY8L1sVP3qjAeyHNvHA/CxvESjSOB3aasIotc7o7 JDMn58dYrLzevoMBICjuGezFqOvZ1mmGc3zjr9y9jYBAC1yJVgzBrGsIOYp5V/eLV2pU HIXdTCNF4PP68JeXwvxwQva1c0j2n51GKHth4APMb/SKt5yHVvW1Z10etUdIM0OlIR0X XF7al0B0xSaWZQtofhQaATRiTl3FKQo4fTQiDNMD8BqLgC3noEkBxgvSvZmf4jD9UZbf FO8A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=JkXFidvrw3wcbwGxML0/X3RYNmlJWDBz6aPg6rXW37Y=; b=SxCGMjLSwhrC6HkKq8HIApbjoW7EIIB3maStjm8UmVPMTyYOSmyW5l4ZNif/BHjd2S La7S2rnXXAahhbTDsMj4Wcr7UqU7rls9oom7wOvlkj+CUpZXvRU6u6eEomDYjpPWvbmm NkI6f5ajwwLSntGAWPNfcmSVVV0kc8LgDieZICoS9CiPaptu8wClwYMM6PlGD07J1/h9 ci6Ajh9yGH357h0/gfGdfGAPEXee+tzfCBY0TI+uRPNejUTdCH8hpOi8WoWjZS5E4GXF sYRk9+Qac7fWv8JvPiKPNfLm2nWSh+m6DLdoiWUCv3FBQkWo5fnnw/NmLuhkKBRDiAob +kiA==
X-Gm-Message-State: AE9vXwOpSAQapJa24ePiJiMi5dwtgippguvAg341nLDU7Xooq0UOJdddTIlvsOPkyGIkH9CyIQY1yETTlua4wA==
X-Received: by 10.176.0.143 with SMTP id 15mr96073uaj.33.1474553131601; Thu, 22 Sep 2016 07:05:31 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.4.102 with HTTP; Thu, 22 Sep 2016 07:05:31 -0700 (PDT)
From: Watson Ladd <watsonbladd@gmail.com>
Date: Thu, 22 Sep 2016 07:05:31 -0700
Message-ID: <CACsn0cnhf2MBm2uBB=-LgwJYM7_tB_3B9DHdAhvU9sZkwD4MGA@mail.gmail.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/sCqu86nFiAw_9beBXVqBM_zES_k>
Subject: [Cfrg] FourQ draft now available
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Sep 2016 14:29:08 -0000

Dear CFRG,

We would like to announce draft-ladd-cfrg-4q-00, which presents a
high-speed Diffie-Hellman key agreement based on the elliptic curve
FourQ. This scheme is significantly faster than Curve25519, especially
when using endomorphisms. For example, SUPERCOP tests indicate that
one Curve25519 shared secret computation is performed in approximately
156,000 Haswell cycles; our analogous tests with FourQlib indicate
that a shared secret computation is performed in only 56,000 Haswell
cycles (i.e., 2.8 times faster). In some applications, the cost of
public-key operations remains considerable and FourQ is capable of
reducing it, particularly in embedded devices and busy servers.

We hope this draft sees its way to an RFC soon.

Sincerely,
Watson Ladd, Patrick Longa, Richard Barnes