Re: [Cfrg] Elliptic Curves - curve form and coordinate systems (ends on March 12th)

Alyssa Rowan <akr@akr.io> Fri, 06 March 2015 01:54 UTC

Return-Path: <akr@akr.io>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7CF321A90FA for <cfrg@ietfa.amsl.com>; Thu, 5 Mar 2015 17:54:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ooeO9ZHIAX_a for <cfrg@ietfa.amsl.com>; Thu, 5 Mar 2015 17:54:31 -0800 (PST)
Received: from entima.net (entima.net [78.129.143.175]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 379011A90EF for <cfrg@irtf.org>; Thu, 5 Mar 2015 17:54:31 -0800 (PST)
Message-ID: <54F908D1.6010405@akr.io>
Date: Fri, 06 Mar 2015 01:54:25 +0000
From: Alyssa Rowan <akr@akr.io>
MIME-Version: 1.0
To: cfrg@irtf.org
References: <54F8E735.2010202@isode.com>
In-Reply-To: <54F8E735.2010202@isode.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/x1OQaGrInRrQdyApe5gTi0TFT2E>
Subject: Re: [Cfrg] Elliptic Curves - curve form and coordinate systems (ends on March 12th)
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Mar 2015 01:54:32 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 05/03/2015 23:31, Alexey Melnikov wrote:
> Q4: […] Do we want to stay with specifying the inputs and outputs
> in Montgomery form for [the scalar multiplication and DH]
> routines?

Yes, stick with Montgomery for DH/scalarmult.

The simplicity of X25519 is extremely hard to beat, and it has already
been widely deployed. I see no good reason to change that.

- -- 
/akr
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJU+QjLAAoJEOyEjtkWi2t6RusP/0JOYiVqdpXXWUZjTshW1jd2
LE7FnYagUotxr11X7lzW6GH1Pn67dgvt+62nFTSfg5vnqwh7EBYMm9cgObYmYF5b
NGyWGUOPzjxdItz+EtKniDGrxFPHnlCe2uhEcLwdZw2guD3fcfhsGTIupIb3BLjG
G75w1DcABIishoZYk7zFLlkZHgPplwd1HEhtMw3zZ05Zmor0jfrItQSdY4l8afM2
uqVNfgw1avjmvFNY9CxHYiGAb0O66zhZOb2Ytkb1hsqVtW4AcTuaw0sln1LCgStU
MLZWUul5RCjCkVbag8PxN5i/AXoGm4vOsFvsFuWkP9zDpBBaGQQsUJMxrxiDL9+U
JhT8nAt9CbhOmribFTjhZGiYq5hVIJ8t3iaeFlBESRd3F1xvkYlvv3uPicuVc5DF
J2a8nod/HjkGgDsgPi2R1fqh6l6+VszoSCLulaT2ex5v8RwudG23lDILeMX8Zqj7
ZTkWwCNYywYNiqRHSSQO9/hjPsFNln9zQXjiH+EZzLQzmTT6pYKbk9YQuLKkkEnn
swKy51qnfmeYxKHgDbYfjtUI3tpwwn+Nojjwhukpp4ViuXSHOsXG+IH86nZwp3fM
pImlUv1SY6zDwU+HqMkD6HxUtDXccxOGT6G/EQugXfpXqtc+1fKdMDdCyyg0XFeC
IR+VNYp2BDYXxQdvCxH3
=ScsS
-----END PGP SIGNATURE-----