IETF Logo Mail Archive

Re: [IPsec] I-D on Using the ECC Brainpool Curves for IKEv2 Key Exchange

Stephen Kent <kent@bbn.com> Tue, 08 January 2013 16:52 UTC

Return-Path: <kent@bbn.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D660B11E80D5 for <ipsec@ietfa.amsl.com>; Tue, 8 Jan 2013 08:52:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -104.999
X-Spam-Level:
X-Spam-Status: No, score=-104.999 tagged_above=-999 required=5 tests=[AWL=0.999, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_31=0.6, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c1RO3roC3-CN for <ipsec@ietfa.amsl.com>; Tue, 8 Jan 2013 08:52:14 -0800 (PST)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by ietfa.amsl.com (Postfix) with ESMTP id 0B14C11E8097 for <ipsec@ietf.org>; Tue, 8 Jan 2013 08:52:13 -0800 (PST)
Received: from dhcp89-089-242.bbn.com ([128.89.89.242]:50306) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1TscPK-0004Ee-Pu; Tue, 08 Jan 2013 11:52:10 -0500
Message-ID: <50EC4EB9.2060204@bbn.com>
Date: Tue, 08 Jan 2013 11:52:09 -0500
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: Johannes Merkle <johannes.merkle@secunet.com>
References: <50E52E14.5080603@brainhub.org> <50E6C698.10809@secunet.com> <50E73A4F.2020403@brainhub.org> <50EAEF28.2040502@bbn.com> <50EB1474.1030702@brainhub.org> <50EBF345.5020106@secunet.com>
In-Reply-To: <50EBF345.5020106@secunet.com>
Content-Type: multipart/alternative; boundary="------------020201080301080003010606"
Cc: ipsec <ipsec@ietf.org>, Andrey Jivsov <openpgp@brainhub.org>
Subject: Re: [IPsec] I-D on Using the ECC Brainpool Curves for IKEv2 Key Exchange
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jan 2013 16:52:14 -0000

Folks,

I think my initial concern has been misunderstood, or maybe I 
misunderstood the
purported benefits of the proposed mechanism.

When I asked about compatibility with existing S/MIME specs, I was not 
referring to
details of how the EC public key is represented in  a cert, per se.

Andrey's message on 1/4 said:

"Point compression is more beneficial for storage security for reasons 
of performance and storage efficiency. For storage efficiency side: when 
there are multiple recipients per message, each associated with one 
ECDH-related field, it's possible for ECDH-specific payload to get 
arbitrary large for a fixed short message. For the performance argument: 
*if the message was encrypted to N recipients, to decode it only one 
recipient will be used, and thus the calculation of 'y' is done once but 
the space is saved for N. *

My question was whether this technique, in bold above, is compatible 
with the current, normal
processing for S/MINE, or whether it would require S/MIME to operate 
differently (at the originator
or at any recipient) in order to reduce the overhead in the fashion 
alluded to above.

I don;t think that question has been answered.

Steve

v2.19.0 | Report a Bug | By Email