Re: [Crypto-panel] Request for review: draft-ribose-openpgp-oscca-01

"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Tue, 28 November 2017 16:08 UTC

From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Tue, 28 Nov 2017 19:08:02 +0300
To: Ronald Tse <tse@ribose.com>
Cc: Alexey Melnikov <alexey.melnikov@isode.com>, "crypto-panel@irtf.org" <crypto-panel@irtf.org>, Nancy Cam-Winget <ncamwing@cisco.com>, "draft-ribose-openpgp-oscca.authors@ietf.org" <draft-ribose-openpgp-oscca.authors@ietf.org>, Tim Polk <tim.polk@nist.gov>
Archived-At: <https://mailarchive.ietf.org/arch/msg/crypto-panel/0ypUSolUoUf9jZVSCVZWrHwBN-M>

Dear Ronald,

Since the document is dedicated to the algorithms and elliptic curve
parameters, it would be very helpful if you could point at papers with
their analysis in English, if some of them are not publicly available (or
could not be easily found via public resources). Also, it will be extremely
important if you could provide some materials with design rationale of the
algorithms and parameters presented in the I-D.

Of course, full cryptanalysis from scratch is impossible to be made as a
part of review, so all known results/attacks/notes on design
rationale/results of evaluation of curve parameters will be very important
for making the review(s) as objective as possible.

Best regards,
Stanislav Smyshlyaev, Ph.D.
Head of Information Security Department,
CryptoPro LLC



2017-11-28 18:47 GMT+03:00 Ronald Tse <tse@ribose.com>:

> Dear Stanislav,
>
> Thank you very much for performing the review. Look forward to it!
>
> Kind regards,
> Ron
>
> _____________________________________
>
> Ronald Tse
> Ribose Inc.
>
> On Nov 28, 2017, at 11:21 PM, Stanislav V. Smyshlyaev <smyshsv@gmail.com>
> wrote:
>
> Dear Alexey,
>
> I'll be happy to do this.
>
> Will it be OK, if I provide a review by the 20th of December?
>
> Best regards,
>
> Stanislav
>
>
> 2017-11-28 17:02 GMT+03:00 Alexey Melnikov <alexey.melnikov@isode.com>:
>
>> Dear Crypto Panel,
>>
>> SAAG’s SECDISPATCH chairs have requested review of
>> <https://datatracker.ietf.org/doc/draft-ribose-openpgp-oscca/>
>> before the document's fate will be decided (it is likely to end up in the
>> CURDLE WG).
>>
>> Can we have some volunteer(s) please?
>>
>> The draft Abstract is:
>>
>>    This document enables OpenPGP (RFC4880) usage in a compliant manner
>>    with OSCCA (Office of State Commercial Cipher Administration)
>>    regulations for use within China.
>>
>>    Specifically, it extends OpenPGP to support the usage of SM2, SM3 and
>>    SM4 algorithms, and provides the OSCCA-compliant OpenPGP profile
>>    "OSCCA-SM234".
>>
>>
>> Thank you,
>> Alexey
>>