[IPsec] review of draft-solinas-rfc4753bis-00.txt

"Dan Harkins" <dharkins@lounge.org> Mon, 13 July 2009 07:19 UTC

From: Dan Harkins <dharkins@lounge.org>
To: iesg@ietf.org
Cc: ipsec@ietf.org, tim.polk@nist.gov, defu@orion.ncsc.mil

  Hi,

  I have reviewed this draft and would like these comments to be treated
just like any other last call comments.

  This draft will obsolete RFC 4753 (if approved) and before it does I
would like to see it slightly modified to address a discrepancy between
RFC 4753 and RFC 5114, both of which define the parameters for curves
19-21 (from the IANA registry) differently.

  Specifically, this draft, and RFC 4753, gives the equations of elliptic
curves defined over a prime field as y^2 = x^3 - 3x + b. Since a prime
field is defined as [0, 1, ..., p-1] I would like to see these curves
defined in the more general way as y^2 = x^3 + ax + b and then define the
value "a" such that a=p-3 for each curve depending on the prime, p:

3.1 256-bit Random ECP Group

   The equation for the elliptic curve is:

                  y^2 = x^3 + ax + b

   Group curve parameter a
             FFFFFFFF 00000001 00000000 00000000 00000000
             FFFFFFFF FFFFFFFF FFFFFFFC

3.2 384-bit Random ECP Group

   The equation for the elliptic curve is:

                  y^2 = x^3 + ax + b

   Group curve parameter a
             FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
             FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFC

3.3 521-bit Random ECP Group

   The equation for the elliptic curve is:

                  y^2 = x^3 + ax + b

   Group curve parameter a
             01FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
             FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
             FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFC


Thank you, and regards,

  Dan.
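
The check below is an added example, not part of the original message or of either RFC. It parses the three "a" values quoted above, confirms each equals p - 3 for its prime, and confirms the P-256 base point satisfies both the "- 3x" and the "+ ax" forms. The primes, the P-256 b and the base point are the public NIST parameters, which the message does not list, and the function names are hypothetical.

```python
# Added example. NIST prime moduli as their defining sums (not in the message).
PRIMES = {
    256: 2**256 - 2**224 + 2**192 + 2**96 - 1,
    384: 2**384 - 2**128 - 2**96 + 2**32 - 1,
    521: 2**521 - 1,
}
# "Group curve parameter a" copied from the message, RFC word layout kept.
A_FROM_MESSAGE = {
    256: """FFFFFFFF 00000001 00000000 00000000 00000000
            FFFFFFFF FFFFFFFF FFFFFFFC""",
    384: """FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
            FFFFFFFF FFFFFFFE FFFFFFFF 00000000 00000000 FFFFFFFC""",
    521: """01FFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
            FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF
            FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFC""",
}
# NIST P-256 b and base point G: public standard values, not in the message.
P256_B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
P256_G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
          0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)

def parse_words(text):
    """Join RFC-style whitespace-separated hex words into one integer."""
    return int("".join(text.split()), 16)

def in_field(v, p):
    """True if v is a canonical element of the prime field [0, p-1]."""
    return 0 <= v < p

def a_is_p_minus_3(bits):
    """The quoted a is a field element, equals p - 3, and is congruent to -3."""
    p, a = PRIMES[bits], parse_words(A_FROM_MESSAGE[bits])
    return in_field(a, p) and a == p - 3 and (a + 3) % p == 0

def on_curve(x, y, a, b, p):
    """Check y^2 = x^3 + ax + b (mod p)."""
    return (y * y - (x**3 + a * x + b)) % p == 0

def p256_forms_agree():
    """The base point satisfies the curve with a = -3 and with a = p - 3."""
    p, (x, y) = PRIMES[256], P256_G
    a = parse_words(A_FROM_MESSAGE[256])
    return on_curve(x, y, -3, P256_B, p) and on_curve(x, y, a, P256_B, p)

if __name__ == "__main__":
    for bits in PRIMES:
        print(bits, "a == p - 3:", a_is_p_minus_3(bits))
    print("P-256 base point on both forms:", p256_forms_agree())
```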