Re: [Cfrg] Safecurves draft
Jon Callas <jon@callas.org> Thu, 09 January 2014 18:43 UTC
Return-Path: <jon@callas.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13F131AE50E for <cfrg@ietfa.amsl.com>; Thu, 9 Jan 2014 10:43:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CtmqZQtNezLZ for <cfrg@ietfa.amsl.com>; Thu, 9 Jan 2014 10:43:25 -0800 (PST)
Received: from mail.merrymeet.com (merrymeet.com [173.164.244.100]) by ietfa.amsl.com (Postfix) with ESMTP id 65ACB1AE50A for <cfrg@irtf.org>; Thu, 9 Jan 2014 10:43:25 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mail.merrymeet.com (Postfix) with ESMTP id 6D83B4AAEA2E for <cfrg@irtf.org>; Thu, 9 Jan 2014 10:43:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at merrymeet.com
Received: from mail.merrymeet.com ([127.0.0.1]) by localhost (merrymeet.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F06tSIIn390J for <cfrg@irtf.org>; Thu, 9 Jan 2014 10:43:14 -0800 (PST)
Received: from keys.merrymeet.com (keys.merrymeet.com [173.164.244.97]) by mail.merrymeet.com (Postfix) with ESMTPSA id C14A74AAEA24 for <cfrg@irtf.org>; Thu, 9 Jan 2014 10:43:14 -0800 (PST)
Received: from [10.0.23.100] ([173.164.244.98]) by keys.merrymeet.com (PGP Universal service); Thu, 09 Jan 2014 10:43:14 -0800
X-PGP-Universal: processed; by keys.merrymeet.com on Thu, 09 Jan 2014 10:43:14 -0800
Mime-Version: 1.0 (Mac OS X Mail 7.1 \(1827\))
From: Jon Callas <jon@callas.org>
In-Reply-To: <CACsn0ckufy9jfOXcMDA7WE+SzZUuuibucod8CkQeACnQam63-w@mail.gmail.com>
Date: Thu, 09 Jan 2014 10:43:14 -0800
Message-Id: <D186F1ED-DD2B-4A05-9E4C-617EA1249D24@callas.org>
References: <20140109031144.6111382.52184.8264@certicom.com> <20140109094731.GA12327@netbook.cypherspace.org> <CADMpkc+giuSZgrYmusRJmj5SyN9Dcu_Mdaqx5KQPyXGMmosFUw@mail.gmail.com> <CABqy+soXxjY+fEzpHP+_yn9Y1Xtapm_9OWbgDcA_J_Lukz_YLw@mail.gmail.com> <CADMpkcJFk2C5DPQX9RVWphUH25atsUX2vPA7RwNf8zbmR6dXJQ@mail.gmail.com> <CABqy+soX0xVWG0+vJs-_7O1Ur_hkDW0u0acCGZYrrtEci5QRXw@mail.gmail.com> <CADMpkcKptQrtXyaarkXiMpRyGmobEcywbTeTkkcb6uWB-yttwg@mail.gmail.com> <B29AD107-69D0-4EF5-9D5B-137C1E333AEA@shiftleft.org> <CACsn0ckufy9jfOXcMDA7WE+SzZUuuibucod8CkQeACnQam63-w@mail.gmail.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>
X-Mailer: Apple Mail (2.1827)
X-PGP-Encoding-Format: Partitioned
X-PGP-Encoding-Version: 2.0.2
X-Content-PGP-Universal-Saved-Content-Transfer-Encoding: quoted-printable
X-Content-PGP-Universal-Saved-Content-Type: text/plain; charset=us-ascii
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Cfrg] Safecurves draft
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jan 2014 18:43:27 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I concur that we shouldn't call it "safecurves" or anything like that. I think that definitely this needs to heed Paul Hoffman's advice on names coming back to bite us. All crypto parameter sets have a lifespan where they're new and shiny, older and trusted, then kinda dodgy but accepted, and then outmoded or insecure. Each phase might be there for years or perhaps minutes. I've seen things go the entire lifecycle in an hour. We don't want the premature aging of one to tarnish the whole thing. Think about what you'd say when the Buzzfeed reporter calls you up for comment or background on their article "Ten Shocking Reasons Why SafeCurves are The Spawn of Satan" after a Eurocrypt paper has a new banana attack that shows a curve has ten fewer bits of security with 2^300 memory. I also think there should be a quick set of names where we specify what's a Montgomery and what's Edwards. This is already needed and the reason why there's 25519 and Ed25519 in current parlance. If we *don't* do it here, then someone else will. It's too useful not to have it. You can have a table with common names and extended names and have the extended names have something simple like a suffix of M or E. It's easy to fit 25519 and Ed25519 into this as well. Jon -----BEGIN PGP SIGNATURE----- Version: PGP Universal 3.2.0 (Build 1672) Charset: us-ascii wj8DBQFSzu3CsTedWZOD3gYRAvjQAJ9B7cbpze9iHhwEtb7V93IAuz2o3QCghrND YuOdLybBrq7s0mdSfKRcbK8= =uq7Y -----END PGP SIGNATURE-----
- [Cfrg] Safecurves draft Watson Ladd
- Re: [Cfrg] Safecurves draft Stephen Farrell
- Re: [Cfrg] Safecurves draft Watson Ladd
- Re: [Cfrg] Safecurves draft Manuel Pégourié-Gonnard
- Re: [Cfrg] Safecurves draft Watson Ladd
- Re: [Cfrg] Safecurves draft Manuel Pégourié-Gonnard
- Re: [Cfrg] Safecurves draft Dan Harkins
- Re: [Cfrg] Safecurves draft Manuel Pégourié-Gonnard
- Re: [Cfrg] Safecurves draft Paul Lambert
- Re: [Cfrg] Safecurves draft Watson Ladd
- Re: [Cfrg] Safecurves draft Alyssa Rowan
- Re: [Cfrg] Safecurves draft Stephen Farrell
- Re: [Cfrg] Safecurves draft Alyssa Rowan
- Re: [Cfrg] Safecurves draft Stephen Farrell
- Re: [Cfrg] Safecurves draft Watson Ladd
- Re: [Cfrg] Safecurves draft Paul Lambert
- Re: [Cfrg] Safecurves draft Watson Ladd
- Re: [Cfrg] Safecurves draft Paul Lambert
- Re: [Cfrg] Safecurves draft Isaac Chua
- Re: [Cfrg] Safecurves draft Dan Brown
- Re: [Cfrg] Safecurves draft Manuel Pégourié-Gonnard
- [Cfrg] Fwd: Re: Safecurves draft Alyssa Rowan
- Re: [Cfrg] Fwd: Re: Safecurves draft Manuel Pégourié-Gonnard
- Re: [Cfrg] Safecurves draft Adam Back
- Re: [Cfrg] Fwd: Re: Safecurves draft Robert Ransom
- Re: [Cfrg] Fwd: Re: Safecurves draft Manuel Pégourié-Gonnard
- Re: [Cfrg] Safecurves draft Johannes Merkle
- Re: [Cfrg] Safecurves draft Bodo Moeller
- Re: [Cfrg] Safecurves draft Robert Ransom
- Re: [Cfrg] Safecurves draft Bodo Moeller
- Re: [Cfrg] Safecurves draft Robert Ransom
- Re: [Cfrg] Safecurves draft Bodo Moeller
- Re: [Cfrg] Fwd: Re: Safecurves draft Robert Ransom
- Re: [Cfrg] Safecurves draft Mike Hamburg
- Re: [Cfrg] Safecurves draft Watson Ladd
- Re: [Cfrg] Safecurves draft Jon Callas
- Re: [Cfrg] Safecurves draft Paul Lambert
- Re: [Cfrg] Safecurves draft Paul Lambert
- Re: [Cfrg] Safecurves draft Watson Ladd
- Re: [Cfrg] Safecurves draft Bodo Moeller
- Re: [Cfrg] Fwd: Re: Safecurves draft Manuel Pégourié-Gonnard
- Re: [Cfrg] Safecurves draft Robert Ransom
- Re: [Cfrg] Fwd: Re: Safecurves draft Robert Ransom