Re: [Hipsec] Reference problem in 5201-bis wrt SECP160R1
Rene Struik <rstruik.ext@gmail.com> Wed, 08 August 2012 18:35 UTC
Return-Path: <rstruik.ext@gmail.com>
X-Original-To: hipsec@ietfa.amsl.com
Delivered-To: hipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0804B21F8518 for <hipsec@ietfa.amsl.com>; Wed, 8 Aug 2012 11:35:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hIGWRQ9tTyYG for <hipsec@ietfa.amsl.com>; Wed, 8 Aug 2012 11:35:29 -0700 (PDT)
Received: from mail-yx0-f172.google.com (mail-yx0-f172.google.com [209.85.213.172]) by ietfa.amsl.com (Postfix) with ESMTP id D3A1F21F8517 for <hipsec@ietf.org>; Wed, 8 Aug 2012 11:35:28 -0700 (PDT)
Received: by yenm5 with SMTP id m5so1224234yen.31 for <hipsec@ietf.org>; Wed, 08 Aug 2012 11:35:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; bh=y5nDZg/bNvDQYpLIVMquWC2jXA75yDwu44YyGB+QA4g=; b=tIFDfvtj18ZOWdvxjEbq1KaTOgaD8fn/Q4UeUWfqLRKro/lE1dIV8S2tJa2NV+zKqn H2mRtbgZTcOxioWtuu0/0A7Ii2y/MKbwOUzRVS2OC0gnFNi5MxqC4pba4DIyB3Qo6hq8 fZlhx6G+0LBpdPHCaWl4SnMVkCieVWlEo+ZIlVYcV/s/LViqKwO+KZB4EmDmyTrKt3Rp PVrdUQX8ieMBpA6TYmdrywSF1ic+IrSe+dfLGPSqowFHFUb0tWqtOvIhhnfoVetDLOqX SmqkzuX1YdfihFEIEUOhBzSNCzsQij5JqVUMr/TH17fJjiBoxqt/MAX9snX7oVFIEuyq Vgwg==
Received: by 10.42.53.208 with SMTP id o16mr856278icg.6.1344450927854; Wed, 08 Aug 2012 11:35:27 -0700 (PDT)
Received: from [192.168.1.103] (CPE0013100e2c51-CM001cea35caa6.cpe.net.cable.rogers.com. [99.231.4.27]) by mx.google.com with ESMTPS id gz1sm3109692igc.16.2012.08.08.11.35.26 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 08 Aug 2012 11:35:27 -0700 (PDT)
Message-ID: <5022B162.7080306@gmail.com>
Date: Wed, 08 Aug 2012 14:35:14 -0400
From: Rene Struik <rstruik.ext@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:14.0) Gecko/20120713 Thunderbird/14.0
MIME-Version: 1.0
To: Robert Moskowitz <rgm@htt-consult.com>
References: <50226886.8000106@htt-consult.com>
In-Reply-To: <50226886.8000106@htt-consult.com>
X-Enigmail-Version: 1.4.3
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: hipsec@ietf.org
Subject: Re: [Hipsec] Reference problem in 5201-bis wrt SECP160R1
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Aug 2012 18:35:30 -0000
Hi Bob: You are correct that SECG removed the prime curve secp160r1 from the SEC1 specification, when moving from v1.0 to v2.0. However, you can still access this under the "superseded specifications" tab: the weblink should be http://www.secg.org/download/aid-386/sec2_final.pdf. You may also find this curve specified elsewhere, e.g., (if memory serves me well) with some copy protection schemes, such as DTCP. I hope this helps. Best regards, Rene On 08/08/2012 9:24 AM, Robert Moskowitz wrote: > For low security we have SECP160R1 from: > > [SECG] SECG, "Recommended Elliptic Curve Domain > Parameters", SEC 2 , 2000, > <http://www.secg.org/>. > > I went there yesterday to look up some of the information on actual > sizes and got to: > > http://www.secg.org/download/aid-784/sec2-v2.pdf, published Jan 27, 2010. > > And no SECP160R1, the smallest keysize now is SECP192R1 (sec 2.2.2). > > So we have a reference problem here as well as giving a developer the > parameter values needed to implement SECP160R1. > > Corrective action options: > > 1) Directly supply the parameters for SECP160R1 in Appendix D and > reference the version of secg they were pulled from. > > 2) Find a more stable source for SECP160R1 to reference. > > 3) Move to SECP192R1 (which I am leary of as ver 3.0 of secg could > drop that!). > > I vote for 1) and ask whoever has the older version of secg to forward > the parameters for inclusion. > > BTW, HIP DEX works a bit differently in that the keys generated from > the ECDH exchange are only used in protecting HIP packets and a > wrapped key exchange within HIP provides the keying material for > session keys (eg ESP or 802.15.4 security). So in DEX, using > SECP160R1 may not be as much of a risk as in BEX, so I DO plan on > providing the SECP160R1 parameters in DEX. > > > _______________________________________________ > Hipsec mailing list > Hipsec@ietf.org > https://www.ietf.org/mailman/listinfo/hipsec -- email: rstruik.ext@gmail.com Skype: rstruik cell: +1 (647) 867-5658 USA Google voice: +1 (415) 690-7363
- [Hipsec] Reference problem in 5201-bis wrt SECP16… Robert Moskowitz
- Re: [Hipsec] Reference problem in 5201-bis wrt SE… Rene Struik
- Re: [Hipsec] AUTH48 [LB]: 5201-bis - Re: Referenc… Robert Moskowitz
- Re: [Hipsec] AUTH48 [LB]: 5201-bis - Re: Referenc… Miika Komu
- Re: [Hipsec] AUTH48 [LB]: 5201-bis - Re: Referenc… Robert Moskowitz