Re: [openpgp] Curve3617 in OpenPGP? Beyond rfc6637.

Werner Koch <wk@gnupg.org> Fri, 18 October 2013 08:35 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C12E911E8163 for <openpgp@ietfa.amsl.com>; Fri, 18 Oct 2013 01:35:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M-sTovTWlNf7 for <openpgp@ietfa.amsl.com>; Fri, 18 Oct 2013 01:35:32 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [217.69.77.222]) by ietfa.amsl.com (Postfix) with ESMTP id 5BA8321F9FAC for <openpgp@ietf.org>; Fri, 18 Oct 2013 01:35:30 -0700 (PDT)
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.80 #2 (Debian)) id 1VX5Wq-0001SQ-IO for <openpgp@ietf.org>; Fri, 18 Oct 2013 10:35:28 +0200
Received: from wk by vigenere.g10code.de with local (Exim 4.80 #3 (Debian)) id 1VX5Qw-0001IE-Tt; Fri, 18 Oct 2013 10:29:22 +0200
From: Werner Koch <wk@gnupg.org>
To: Gregory Maxwell <gmaxwell@gmail.com>
References: <CAAS2fgRG2AbZsz_4aF33Pd167M4-6=-73WAAgxTAjLMdoGNLeQ@mail.gmail.com> <CBE39208-C436-4145-A645-10380145F200@callas.org> <87iowvghx3.fsf@vigenere.g10code.de> <CAAS2fgS+Z_OmCzavCsSubQi3oaX-gUt9uv6Uio-rA-wpszF5Wg@mail.gmail.com>
Organisation: g10 Code GmbH
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
OpenPGP: id=1E42B367; url=finger:wk@g10code.com
Date: Fri, 18 Oct 2013 10:29:22 +0200
In-Reply-To: <CAAS2fgS+Z_OmCzavCsSubQi3oaX-gUt9uv6Uio-rA-wpszF5Wg@mail.gmail.com> (Gregory Maxwell's message of "Fri, 18 Oct 2013 00:57:25 -0700")
Message-ID: <87vc0vf0d9.fsf@vigenere.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: openpgp@ietf.org, Jon Callas <jon@callas.org>
Subject: Re: [openpgp] Curve3617 in OpenPGP? Beyond rfc6637.
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Oct 2013 08:35:37 -0000

On Fri, 18 Oct 2013 09:57, gmaxwell@gmail.com said:

> as it is twist secure), it would make it gratuitously incompatible all
> the existing (esp fast constant time code) implementations which work
> on the X coordinate alone.

Nope.  First, there is no released OpenPGP implementation with ECC yet.
Second, there is no incompatibiliy because it is still the same point
and actually it is faster to use because there is no need for
uncompressing.  Note also that compressing is an old technique which is
is simply not used because in the Weierstrass form it is patented (till
next year).


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.