Re: [IPsec] I-D on Using the ECC Brainpool Curves for IKEv2 Key Exchange

"Derek Atkins" <derek@ihtfp.com> Wed, 07 November 2012 18:27 UTC

Message-ID: <b7615d987aff24224ea9a2c571970a5b.squirrel@mail2.ihtfp.org>
In-Reply-To: <509AA6B9.9040309@secunet.com>
References: <747787E65E3FBD4E93F0EB2F14DB556B0F507F6B@xmb-rcd-x04.cisco.com> <509AA6B9.9040309@secunet.com>
Date: Wed, 07 Nov 2012 13:27:32 -0500
From: Derek Atkins <derek@ihtfp.com>
To: Johannes Merkle <johannes.merkle@secunet.com>
Cc: IPsecme WG <ipsec@ietf.org>, Manfred Lochter <manfred.lochter@bsi.bund.de>, "David McGrew (mcgrew)" <mcgrew@cisco.com>, "rfc-ise@rfc-editor.org" <rfc-ise@rfc-editor.org>

Hi,

On Wed, November 7, 2012 1:21 pm, Johannes Merkle wrote:
> Hi David,
>
> Point compression is simply the omission of the x-value, and for point
> expansion, functions are included in OpenSSL and other crypto libraries.
> Thus, such mistakes should only occur if someone decides to implement the
> arithmetic by itself but is incapable of doing it correctly (and does not
> perform sufficient testing). This seems to me quite a case of
> carelessness and I don't think that an RFC should be so fool-proof to
> prevent that. There are certainly much more complex aspects in IKE than
> point compression.

You're making the assumption that an implementor is using OpenSSL or has
already implemented point compression.  IMHO that is not a reasonable
assumption.  Many implementations use their own crypto libraries and
therefore would have to implement these compression and expansion
functions, including all the potential errors thereto.  So saying "it's
easy, it's in OpenSSL" is not, IMHO, a reassuring statement or argument.

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant