[openpgp] Curve25519 for public key encryption
NIIBE Yutaka <gniibe@fsij.org> Sat, 26 April 2014 07:47 UTC
Return-Path: <gniibe@fsij.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 88E5A1A0455 for <openpgp@ietfa.amsl.com>; Sat, 26 Apr 2014 00:47:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.172
X-Spam-Level:
X-Spam-Status: No, score=-2.172 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.272] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wSDDV_01zr5g for <openpgp@ietfa.amsl.com>; Sat, 26 Apr 2014 00:47:45 -0700 (PDT)
Received: from atom.fsij.org (atom.fsij.org [211.14.6.125]) by ietfa.amsl.com (Postfix) with ESMTP id 57FDD1A030D for <openpgp@ietf.org>; Sat, 26 Apr 2014 00:47:45 -0700 (PDT)
Received: from c203214.dynamic.ppp.asahi-net.or.jp ([210.155.203.214] helo=[192.168.1.10]) by atom.fsij.org with esmtpsa (TLS1.0:DHE_RSA_CAMELLIA_256_CBC_SHA1:256) (Exim 4.80) (envelope-from <gniibe@fsij.org>) id 1WdxKi-0007yo-1F; Sat, 26 Apr 2014 16:47:36 +0900
Message-ID: <1398498450.5174.1.camel@latx1.gniibe.org>
From: NIIBE Yutaka <gniibe@fsij.org>
To: openpgp@ietf.org
Date: Sat, 26 Apr 2014 16:47:30 +0900
Organization: Free Software Initiative of Japan
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.4.4-3
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-SA-Exim-Connect-IP: 210.155.203.214
X-SA-Exim-Mail-From: gniibe@fsij.org
X-SA-Exim-Version: 4.2.1 (built Mon, 26 Dec 2011 16:24:06 +0000)
X-SA-Exim-Scanned: Yes (on atom.fsij.org)
Archived-At: http://mailarchive.ietf.org/arch/msg/openpgp/zi7pzv83IvPk-zTlRyLcb8LtyZs
Subject: [openpgp] Curve25519 for public key encryption
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Apr 2014 07:47:47 -0000
Hello, I am doing some experiment with GnuPG to support Curve25519 for public key encryption. When we apply draft-jivsov-ecc-compact-05 (that is, using x-coordinate only), I think that we could extend the specification of RFC6637 for Curve25519 naturally. RFC6637 assumes that the cofactor is 1, while Curve25519's is 8. But this is no problem. Since Curve25519's private key is defined as multiple of 8 (= its cofactor), we don't need to change any computation of ECDH. Thus, I think that all that we need is OID of Curve25519, if it is OK for us to keep using MPI format (in the original implementation of Curve25519, representation is little endian). If this support of Curve25519 in OpenPGP has no conflict to RFC6637 + draft-jivsov-ecc-compact-05, I'm going to work enhancement of OpenPGPcard (the smartcard specification) for Curve25519, too. Any suggestions or comments? --
- [openpgp] Curve25519 for public key encryption NIIBE Yutaka