Re: [Cfrg] Hardware requirements for elliptic curves

Patrick Georgi <> Sat, 06 September 2014 19:18 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 575BB1A00C6 for <>; Sat, 6 Sep 2014 12:18:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.502
X-Spam-Status: No, score=-0.502 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_EQ_DE=0.35, RP_MATCHES_RCVD=-1.652] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 8Hrj7kbYN79k for <>; Sat, 6 Sep 2014 12:18:45 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 593211A00B6 for <>; Sat, 6 Sep 2014 12:18:44 -0700 (PDT)
Received: from [IPv6:2001:470:1f0b:183:b009:4ed4:cc58:6b9e] (unknown [IPv6:2001:470:1f0b:183:b009:4ed4:cc58:6b9e]) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: patrick) by (Postfix) with ESMTPSA id 1464F22008D for <>; Sat, 6 Sep 2014 21:18:41 +0200 (CEST)
Message-ID: <>
Date: Sat, 06 Sep 2014 21:18:46 +0200
From: Patrick Georgi <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="nlXPuIJ3q8GC1bh77gqFX2P0vqhuADHED"
Subject: Re: [Cfrg] Hardware requirements for elliptic curves
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 06 Sep 2014 19:29:28 -0000

Am 06.09.2014 um 20:42 schrieb Watson Ladd:
> While it would be desirable to address this issue of random primes,
> the Brainpool curves did, and I don't see wide uptake in hardware of
> (then again, I don't know much about the hardware market, so could be
> wrong). indicates use of Brainpool in Germany's national ID cards. That will be some 60 million active smartcards in a couple of years (when older id cards expired). Some European passports seem to use it as well (as claimed on

The ID cards in particular include an opt-in feature that allows users to identify themselves electronically, eg. to provide an electronic equivalent to a signature for contracts signed online (The idea is to eliminate the need to snail mail hand-signed paperwork, at least for those using the system).

That feature makes it relevant for internet standards (unlike "internal" smartcard deployments that will never interact with a system inspired by IETF standards).