Re: [Lwip] I-D Action: draft-ietf-lwig-curve-representations-13.txt

Rene Struik <rstruik.ext@gmail.com> Tue, 03 November 2020 15:04 UTC

To: lwip@ietf.org, internet-drafts@ietf.org
References: <160436124839.18774.18222892622710640841@ietfa.amsl.com>
From: Rene Struik <rstruik.ext@gmail.com>
Message-ID: <4fc6130c-aeae-178e-75b0-eb68e42cf11a@gmail.com>
Date: Tue, 03 Nov 2020 10:04:16 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/1toGNsph4825L1iN42Gqrez72Kk>
Subject: Re: [Lwip] I-D Action: draft-ietf-lwig-curve-representations-13.txt

Dear colleagues:

I updated the draft so as to take into account the comments received 
during IETF Last Call.

Changes:

- added verbiage on use of Wei25519 and Wei448 with PKIX and CMS (now 
Section 11) and request for OIDs to support this (now Section 12.1);

- changed requested COSE algorithm registration values: (Section 12.2) 
ECDSA25519 (was: -1; now: -9); ECDH25519 (was: -2; now: -24 {still 
1-octet, though}); (Section 12.3) ECDSA448 (was: -47; now: -48); ECDH448 
(was: -47; now: -48). Note RS: here, latter change due to usurping the 
value of -47 by ECDSA w/ secp256k1 and SHA256 earlier this summer;

- added example encodings so as to include all cousins of Curve448 (now 
including also Wei448.1, now Appendix O.4);

- added three more rows in Table 1 (Appendix K.4.2) so as to include 
examples for all cousins of Curve448 (now including also Wei448, 
Wei448.1, Wei448.-3);

- added two notes to Appendix K.6 and slightly reformulated so as to 
make these auxiliary functions easier to simply cross-reference and 
instantiate in future (if desired);

- fixed minor detail of 2-isogenous mapping between Wei448 and Wei448.-3 
(singling out point (tau,0) of order two in dual isogeny map in Appendix 
N.2);

- slightly changed encoding example for Edwards448 curve (Appendix O.6), 
to make this consistent with potential future use of randomized 
representation of curve points (Appendix K.5) if one were to ever use 
this for enhanced privacy in big brother-esque scenarios; {details do 
not matter for current draft, though}

- some tiny editorials, including (1) consistent naming of "short" 
Weierstrass curve as short-Weierstrass curves; (2) defined alternative 
naming of "points in small subgroup" as "low-order points" as well 
(Appendix B.1); (3) changed "smaller than 1/2" to "at most 1/2" (at end 
of Appendix P.3). {here, perfectionism seems to get in the way}

While the above list seems long, almost all of this is editorial or 
simply adding other example encodings. The tiny "fix" above is, however, 
a fix (but probably would only be noticeable by mathematicians).

Best regards, Rene

On 2020-11-02 6:54 p.m., internet-drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Light-Weight Implementation Guidance WG of the IETF.
>
>          Title           : Alternative Elliptic Curve Representations
>          Author          : Rene Struik
>          Filename        : draft-ietf-lwig-curve-representations-13.txt
>          Pages           : 131
>          Date            : 2020-11-02
>
> Abstract:
>     This document specifies how to represent Montgomery curves and
>     (twisted) Edwards curves as curves in short-Weierstrass form and
>     illustrates how this can be used to carry out elliptic curve
>     computations using existing implementations of, e.g., ECDSA and ECDH
>     using NIST prime curves.  We also provide extensive background
>     material that may be useful for implementers of elliptic curve
>     cryptography.
>
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-lwig-curve-representations/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-lwig-curve-representations-13
> https://datatracker.ietf.org/doc/html/draft-ietf-lwig-curve-representations-13
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-lwig-curve-representations-13
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/


-- 
email: rstruik.ext@gmail.com | Skype: rstruik
cell: +1 (647) 867-5658 | US: +1 (415) 287-3867