IETF Logo Mail Archive

Re: [Lwip] Fwd: I-D Action: draft-ietf-lwig-curve-representations-04.txt

Mohit Sethi M <mohit.m.sethi@ericsson.com> Mon, 13 May 2019 11:47 UTC

Return-Path: <mohit.m.sethi@ericsson.com>
X-Original-To: lwip@ietfa.amsl.com
Delivered-To: lwip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA731120125 for <lwip@ietfa.amsl.com>; Mon, 13 May 2019 04:47:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hxk4RZNxpeaX for <lwip@ietfa.amsl.com>; Mon, 13 May 2019 04:47:01 -0700 (PDT)
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01on0628.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe1f::628]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F8BF120004 for <lwip@ietf.org>; Mon, 13 May 2019 04:47:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=C6JVK3Ef6uBDxsQoxplaHE6SZjK9jRoWGVanOao+yl8=; b=LR+SUl7n1AkWphLs4yY7RBSwjW8WAC1AQ2Br5qzFCaundEvKfxpxKXf7n7dm7ZGEo++numW0Fndl3Eq1/waOu8+Z1kdpvOKsqLFOGqHhwEo0/gmJAsQ8QcVdphgzcihgjJx603lb3j+3qhPBlMGmDuFDVFqzzVy1VoPleFS1mDA=
Received: from HE1PR0701MB2905.eurprd07.prod.outlook.com (10.168.98.146) by HE1PR0701MB2347.eurprd07.prod.outlook.com (10.168.127.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1900.7; Mon, 13 May 2019 11:46:57 +0000
Received: from HE1PR0701MB2905.eurprd07.prod.outlook.com ([fe80::d8cc:8173:1c1:e72c]) by HE1PR0701MB2905.eurprd07.prod.outlook.com ([fe80::d8cc:8173:1c1:e72c%4]) with mapi id 15.20.1900.010; Mon, 13 May 2019 11:46:57 +0000
From: Mohit Sethi M <mohit.m.sethi@ericsson.com>
To: Rene Struik <rstruik.ext@gmail.com>, "lwip@ietf.org" <lwip@ietf.org>
Thread-Topic: [Lwip] Fwd: I-D Action: draft-ietf-lwig-curve-representations-04.txt
Thread-Index: AQHVCYGR+z/BeW4eO0CmEB1rHXFFNw==
Date: Mon, 13 May 2019 11:46:57 +0000
Message-ID: <5ca991cc-c728-c0c6-0256-f060e5db3e77@ericsson.com>
References: <155568442431.6027.17982967187743911167@ietfa.amsl.com> <a6ad97a7-21bd-43c9-0ff1-417dd14999a1@gmail.com>
In-Reply-To: <a6ad97a7-21bd-43c9-0ff1-417dd14999a1@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
x-originating-ip: [89.166.49.243]
x-clientproxiedby: HE1PR0701CA0083.eurprd07.prod.outlook.com (10.168.122.27) To HE1PR0701MB2905.eurprd07.prod.outlook.com (10.168.98.146)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mohit.m.sethi@ericsson.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: b3a91195-792a-4190-f653-08d6d798b3cf
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(2017052603328)(7193020); SRVR:HE1PR0701MB2347;
x-ms-traffictypediagnostic: HE1PR0701MB2347:
x-ms-exchange-purlcount: 8
x-microsoft-antispam-prvs: <HE1PR0701MB2347415ED9F337D973923F72D00F0@HE1PR0701MB2347.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0036736630
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(39860400002)(396003)(366004)(376002)(346002)(189003)(199004)(2616005)(71200400001)(476003)(446003)(71190400001)(11346002)(186003)(81166006)(81156014)(53936002)(26005)(52116002)(99286004)(8676002)(606006)(6486002)(65826007)(486006)(6436002)(7736002)(66574012)(6116002)(236005)(25786009)(73956011)(3846002)(36756003)(5660300002)(229853002)(2906002)(6512007)(54896002)(6306002)(2501003)(76176011)(65806001)(66066001)(65956001)(14454004)(64126003)(478600001)(966005)(64756008)(66476007)(31686004)(86362001)(66446008)(66556008)(256004)(316002)(110136005)(66946007)(8936002)(6246003)(386003)(53546011)(6506007)(68736007)(102836004)(31696002)(58126008); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR0701MB2347; H:HE1PR0701MB2905.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: PNdM69S7V0gCV3DmCw8bVWVi9I+NkBu1fWl4AwqnPYGCGGKjqYRdctvt8eAfvROjT0KP1VWKsz7yUcpeE2UU6oGsset7gnGrwNpogIhx9iprxbVP5zBpCHQFVuDvDERa8Zw1p+OS9fMDf3bM0wrjAC3AxKws2lpUmkFNb7RJtu0U4CadS/kfU4kuEGsRu4/kpUkL0oMDlnMZOlt5zVKaoaru+eF4Nbvgo/L5p18xI0XaiJiycJpP9NGQdwPTbhlbOKfLw3J2u8O12Jz4O/v3SQVhd4phgb91q19nXCaxrmqwQSsIFBb7bbwQf+V4EDojTo+t96sUAqWkwF0xiF1i3q8M0tsSt5FzDoErJSBuOa7n7CZsAZ8BbwbHNZFeQzzo9l+H2tyzkLIqwo4VWYgRljnGes3cpt9tOL2JtgCq1QQ=
Content-Type: multipart/alternative; boundary="_000_5ca991ccc728c0c60256f060e5db3e77ericssoncom_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b3a91195-792a-4190-f653-08d6d798b3cf
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 May 2019 11:46:57.4848 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0701MB2347
Archived-At: <https://mailarchive.ietf.org/arch/msg/lwip/DQ5oYwFusICBx_llv1Wenc1EZCQ>
Subject: Re: [Lwip] Fwd: I-D Action: draft-ietf-lwig-curve-representations-04.txt
X-BeenThere: lwip@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Lightweight IP stack. Official mailing list for IETF LWIG Working Group." <lwip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lwip>, <mailto:lwip-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lwip/>
List-Post: <mailto:lwip@ietf.org>
List-Help: <mailto:lwip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lwip>, <mailto:lwip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 May 2019 11:47:05 -0000

Hi Rene,

In Section 1, the draft says:

 Montgomery curve, and of points of Edwards25519, a so-called twisted
   Edwards curve, which are both specified in [RFC7748<https://tools.ietf.org/html/rfc7748>]

What about referencing RFC 8032: https://tools.ietf.org/html/rfc8032?

A lot of normative parts are currently in the appendix. Wouldn't it make sense to move them into the actual document body. I looked at RFC 7748 for example and it defines Curve25519 in the main body: https://tools.ietf.org/html/rfc7748#section-6.1. It is good to keep the example computations in  Appendix E.3 and Appendix G.3, see Appendix K as the document currently does.

In Section 5, wouldn't it make sense to mention that while re-using the same code base has advantages, it can also negatively affect the performance in terms of the computation time?

--Mohit

On 4/19/19 5:50 PM, Rene Struik wrote:

Dear colleagues:

I slightly updated the draft. Main changes: (technical) I added COSE parm requests (Section8.4-8.6); (editorial) some tiny word-smything and addition of two more references.

Of course, more references are possible, but - apart from that - I think the document is technically ready.

FYI - Stanislav Smyshlyaev and Vasily Nikolaev did kindly review the previous version of this draft and verified all numbers, formulas, etc. Their main editorial comment was that the document could use more references. {I will see whether I can find more references, or perhaps I should see if I can post a full technical paper on all kinds of curve formulas,, tricks, etc. This will take some time, though. This should not stop proceeding with this, imho.}

Best regards, Rene


-------- Forwarded Message --------
Subject:        [Lwip] I-D Action: draft-ietf-lwig-curve-representations-04.txt
Date:   Fri, 19 Apr 2019 07:33:44 -0700
From:   internet-drafts@ietf.org<mailto:internet-drafts@ietf.org>
Reply-To:       lwip@ietf.org<mailto:lwip@ietf.org>
To:     i-d-announce@ietf.org<mailto:i-d-announce@ietf.org>
CC:     lwip@ietf.org<mailto:lwip@ietf.org>



A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Light-Weight Implementation Guidance WG of the IETF.

Title : Alternative Elliptic Curve Representations
Author : Rene Struik
Filename : draft-ietf-lwig-curve-representations-04.txt
Pages : 61
Date : 2019-04-19

Abstract:
This document specifies how to represent Montgomery curves and
(twisted) Edwards curves as curves in short-Weierstrass form and
illustrates how this can be used to carry out elliptic curve
computations using existing implementations of, e.g., ECDSA and ECDH
using NIST prime curves.



The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-lwig-curve-representations/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-lwig-curve-representations-04
https://datatracker.ietf.org/doc/html/draft-ietf-lwig-curve-representations-04

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-lwig-curve-representations-04


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

_______________________________________________
Lwip mailing list
Lwip@ietf.org<mailto:Lwip@ietf.org>
https://www.ietf.org/mailman/listinfo/lwip



_______________________________________________
Lwip mailing list
Lwip@ietf.org<mailto:Lwip@ietf.org>
https://www.ietf.org/mailman/listinfo/lwip

v2.23.0 | Report a Bug | By Email