Re: [openpgp] Curve3617 in OpenPGP? Beyond rfc6637.

Andrey Jivsov <openpgp@brainhub.org> Fri, 18 October 2013 17:11 UTC


On 10/18/2013 01:29 AM, Werner Koch wrote:
> On Fri, 18 Oct 2013 09:57, gmaxwell@gmail.com said:
>
>> as it is twist secure), it would make it gratuitously incompatible all
>> the existing (esp fast constant time code) implementations which work
>> on the X coordinate alone.
>
> Nope.  First, there is no released OpenPGP implementation with ECC yet.

One could google for "pgp command line with ecc support" and see a few 
hits. I clearly recall working on one product that was released.

> Second, there is no incompatibility because it is still the same point
> and actually it is faster to use because there is no need for
> uncompressing.  Note also that compressing is an old technique which
> is simply not used because in the Weierstrass form it is patented (till
> next year).

http://tools.ietf.org/html/draft-jivsov-ecc-compact-00 is based on a 
year 1986 method. You need an unambiguous definition for the DSA (not ECDH).