Re: [Cfrg] Recent SM2 and SM3 drafts update
Sean Shen 沈烁 <shenshuo@cnnic.cn> Sat, 22 February 2014 05:18 UTC
Return-Path: <shenshuo@cnnic.cn>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF1C81A02A5 for <cfrg@ietfa.amsl.com>; Fri, 21 Feb 2014 21:18:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.553
X-Spam-Level:
X-Spam-Status: No, score=0.553 tagged_above=-999 required=5 tests=[BAYES_50=0.8, MIME_8BIT_HEADER=0.3, NORMAL_HTTP_TO_IP=0.001, RP_MATCHES_RCVD=-0.548] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mpelU3L5IIRa for <cfrg@ietfa.amsl.com>; Fri, 21 Feb 2014 21:18:37 -0800 (PST)
Received: from cnnic.cn (smtp.cnnic.cn [218.241.118.7]) by ietfa.amsl.com (Postfix) with SMTP id D1E171A01CC for <cfrg@irtf.org>; Fri, 21 Feb 2014 21:18:36 -0800 (PST)
X-EYOUMAIL-SMTPAUTH: shenshuo@cnnic.cn
Received: from unknown127.0.0.1 (HELO adminpc) (127.0.0.1) by 127.0.0.1 with SMTP; Sat, 22 Feb 2014 13:18:26 +0800
From: Sean Shen 沈烁 <shenshuo@cnnic.cn>
To: "'Blumenthal, Uri - 0558 - MITLL'" <uri@ll.mit.edu>, cfrg@irtf.org
References: <010601cf2d1b$5b4cf210$11e6d630$@cn> <VCCVFZQNKCJOSEAXLSEVCUJZJDZE.prvs=71278c4eaf=uri@ll.mit.edu> <01b601cf2dee$25bb9330$7132b990$@cn> <CF2B946E.11EA6%uri@ll.mit.edu>
In-Reply-To: <CF2B946E.11EA6%uri@ll.mit.edu>
Date: Sat, 22 Feb 2014 13:18:35 +0800
Message-ID: <034b01cf2f8d$89a0ba60$9ce22f20$@cn>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac8uWkzBW25CVVLAQwusos4W4zlkyABHdr+Q
Content-Language: zh-cn
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/ujx7653ZOZGKjuzzD6Q8pCr_gsk
Subject: Re: [Cfrg] Recent SM2 and SM3 drafts update
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Feb 2014 05:18:40 -0000
hi, Uri > >>Are there (free :) reference implementations available? > >Yes, there are free implementations, please check the infor web I > >included in the email: > >http://218.241.108.63/wiki/en/index.php/Main_Page > >There is a "software implementation" link on the left. > > Nice! > > Unfortunately, quite a few things - including directory name in at least > one case - are in Chinese (literally :). Since unfortunately I don't > speak/read Chinese, it adds unnecessary difficulties. Suggestion: edit it > so they are entirely in English, preferably using ASCII. Thanks for the suggestions. I checked the codes, one of them has a Chinese word in direction name, 3 of them have Chinese comments in the codes, only one code is in pure English. Here is what I will do: since I am not the author of the codes, probably not proper for me to change the codes. I will have the Chinese translated and provide the pure English versions for download beside the original ones, also provide a note on the download page and stating the situation. This will be done before Monday afternoon (Beijing time). Here are the details: ________________________________________________ 1. c language open source codes:SM2,SM3,SM4 http://218.241.108.63/wiki/en/index.php/File:Sm2_sm3_sm4_c_language_open_source_code.zip There is a Chinese word in Dictionary. I will replace it by English. 2. Java language:ECC http://218.241.108.63/wiki/en/index.php/File:Java_ecc_code.zip There are Chinese comments in the codes. I will translate it in English. 3. openssl language:SM2 http://218.241.108.63/wiki/en/index.php/File:SM2-Openssl_language.zip No langusage problems 4. Java language:SM3 http://218.241.108.63/wiki/en/index.php/File:Sm3-Java.zip There are a lot Chinese comments in the codes. I will translate it in English. 5. Java language:SM4 http://218.241.108.63/wiki/en/index.php/File:Sm4-Java.zip There are a few Chinese comments in the codes. I will translate it in English. ____________________________________________________________________ > Also, I'd like to second the question that Joachim asked earlier: what are > the Copyright and Intellectual Property statements for this code, and for > these algorithms? Who owns them, and who does the owner allow usage of > those algorithms (and of that code)? On what conditions (if any are > stated)? Good questions. As for the algorithms, here is what I am aware of: There is patent (or patents) with the algorithms. But when the algorithms were adopted by TCG (Trusted Computing Group) in TPM 2.0 standards, the owners announced these patents free in TCG. I contacted the owners and they are discussing to give statement here following IETF's rules. I will keep updating it for all, on both my web and ietf mailing list. As for the codes, they were collected on the internet, some from programmers' community or from course projects, by people who are interested in this area or students who did course project. These are just for simple testing of the algorithms. If I need codes for my serious purpose (commercial or non-commercial), I would prefer commercial development work or our own development, it's not a lot work after all. Authors of these codes didn't left information regarding copyright or license, I am contacting the authors of the codes via limited contact information in codes, if I am lucky to get in touched with them, they might give more information. Also CCed and thanks Joachim for his attention. I try to put similar answers in this single reply so that I won't miss any if the thread goes long. > Also, I'm interested in the SM2 suite, especially its Authenticated Key > Exchange part. Us there (a) a complete description in English, and (b) > source code available for it? There was a paper at CANS 2011 "Comments on > SM2 Key Exchange" that pointed out a weakness, and suggested a fix for it. > Can you tell whether that suggestion has been incorporated in the current > SM2 key exchange standard? Thanks for this information. To answer that I will finish reading the paper and give clear feedback. I will give feedbacks soon following Watson's thread. Thanks! Sean > Again, to repeat myself and echo Joachim: in order to do anything with > these algorithms (even to look at them) we need to know their > licensing/IPR and copyright status. > > Thanks!
- [Cfrg] Recent SM2 and SM3 drafts update Sean Shen 沈烁
- Re: [Cfrg] Recent SM2 and SM3 drafts update Watson Ladd
- Re: [Cfrg] Recent SM2 and SM3 drafts update Paul Lambert
- Re: [Cfrg] Recent SM2 and SM3 drafts update Stephen Farrell
- Re: [Cfrg] Recent SM2 and SM3 drafts update Sean Shen 沈烁
- Re: [Cfrg] Recent SM2 and SM3 drafts update Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] Recent SM2 and SM3 drafts update David McGrew
- Re: [Cfrg] Recent SM2 and SM3 drafts update Sean Shen 沈烁
- Re: [Cfrg] Recent SM2 and SM3 drafts update Joachim Strömbergson
- Re: [Cfrg] Recent SM2 and SM3 drafts update Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] Recent SM2 and SM3 drafts update Sean Shen 沈烁
- Re: [Cfrg] Recent SM2 and SM3 drafts update Sean Shen 沈烁
- Re: [Cfrg] Recent SM2 and SM3 drafts update Paul Lambert