Re: [Cfrg] On "non-NIST"

Paul Lambert <paul@marvell.com> Wed, 25 February 2015 19:32 UTC

From: Paul Lambert <paul@marvell.com>
To: "stephen.farrell@cs.tcd.ie" <stephen.farrell@cs.tcd.ie>, "paul.hoffman@vpnc.org" <paul.hoffman@vpnc.org>
Date: Wed, 25 Feb 2015 11:31:52 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/v3CBQZw-m5sEYYtpY44OTygKvQ4>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] On "non-NIST"


On 2/25/15, 10:38 AM, "stephen.farrell@cs.tcd.ie"
<stephen.farrell@cs.tcd.ie> wrote:

>
>
>On Wed Feb 25 18:05:47 2015 GMT, Paul Hoffman wrote:
>> On Feb 25, 2015, at 7:46 AM, Stephen Farrell
>><stephen.farrell@cs.tcd.ie> wrote:
>> > I do "prefer" that CFRG document only one of those as being
>> > the usual non-NIST choice for >128 bit work factor.
>> 
>> The term "non-NIST" is predictive, and the crypto community kinda sucks
>>at predictions. We have no idea what NIST will do in the future if a
>>bunch of IETF WGs adopt specific elliptic curves that are not P256/P384.
>>Unfortunately, I suspect current NIST folks also have no idea what NIST
>>will do in that case either. In the past, NIST has sometimes (but not
>>always) responded to pressure from the real world about crypto
>>algorithms and modes; let's hope for the best here.
>
>Sure, I agree it'd be good if NIST also anoint the output from this cfrg
>process. But right now non-NIST is the correct distinguishing term for
>what I meant. I see no reason that term will be needed in an RFC though
>if that helps assuage some sensitivity somewhere in the universe :-)

Branding is very important … "non-NIST" is adversarial and will
discourage adoption.  NIST is also not the only Government agency
recommending specific curve parameters.

The NIST and other recommended Small Weierstrass curves are all based on
the late 90's technology and requirements.

The CFRG recommendations for 'new curves' represent significant
improvements based on more contemporary mathematical techniques and
industry requirements. The well identified benefits and more modern
aspects of the recommendations should be emphasized.

Paul



>
>S.
>
>
>> 
>> --Paul Hoffma