Re: [Cfrg] IBE checking...

Tanja Lange <tanja@hyperelliptic.org> Mon, 21 March 2016 15:09 UTC

Return-Path: <tanja@hyperelliptic.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CFE212D5CA for <cfrg@ietfa.amsl.com>; Mon, 21 Mar 2016 08:09:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TwhFzRSbUo6X for <cfrg@ietfa.amsl.com>; Mon, 21 Mar 2016 08:09:21 -0700 (PDT)
Received: from calvin.win.tue.nl (calvin.win.tue.nl [131.155.70.11]) by ietfa.amsl.com (Postfix) with SMTP id 4025412D50E for <Cfrg@irtf.org>; Mon, 21 Mar 2016 08:09:17 -0700 (PDT)
Received: (qmail 20225 invoked from network); 21 Mar 2016 15:09:40 -0000
Received: from ein.win.tue.nl (HELO hyperelliptic.org) (131.155.70.18) by calvin.win.tue.nl with SMTP; 21 Mar 2016 15:09:40 -0000
Received: (qmail 31963 invoked by uid 1004); 21 Mar 2016 15:09:40 -0000
Date: Mon, 21 Mar 2016 16:09:40 +0100
From: Tanja Lange <tanja@hyperelliptic.org>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <20160321150939.GJ17551@ein.win.tue.nl>
References: <546A1ABC.2010505@cs.tcd.ie> <56F00956.2010600@cs.tcd.ie>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <56F00956.2010600@cs.tcd.ie>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/ve2RF3rhgYFF0iNFcy_Cog_NOF0>
Cc: "cfrg@irtf.org" <Cfrg@irtf.org>
Subject: Re: [Cfrg] IBE checking...
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Mar 2016 15:09:23 -0000

Dear Stephen, dear all,
> While I'm not a fan of IBE myself, and there's still no published
> analyses, I don't think we can block experimental stuff for those
> reasons alone. (Otherwise CFRG might have a hard time producing
> some new experimental specs for example.) Mind you, that does
> assume that the rest of the world know the difference between
> experimental and standards-track RFCs, which is not actually
> true, but we do also need to stick with the rules of the game
> that we've setup so I think this is the correct, if not the
> optimal, outcome.
> 
There is ongoing work on breaking the discrete log problem in the
target group (the group where the pairing maps to). The most 
recent publication I'm aware of is
	https://eprint.iacr.org/2015/1027

At ECC 2015 Aurore Guillevic gave a talk
Computing individual discrete logarithms faster in F_{p^n} with the Number Field Sieve algorithm
in which she is targeting fields with 1<=n<=12, which are exactly the
fields appearing as targets of pairings. For abstract and slides see
	http://ecc2015.math.u-bordeaux1.fr/index.php?category=conference&page=programme
So, at this moment I'd suggest some caution for parameter suggestions.

All the best
	Tanja