Re: [pkix] Edwards/DJB curves - New PKI(X) work?
Johannes Merkle <johannes.merkle@secunet.com> Thu, 14 August 2014 14:51 UTC
Return-Path: <Johannes.Merkle@secunet.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C54991A0347 for <pkix@ietfa.amsl.com>; Thu, 14 Aug 2014 07:51:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.268
X-Spam-Level:
X-Spam-Status: No, score=-3.268 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8BvgrsW0Xmzs for <pkix@ietfa.amsl.com>; Thu, 14 Aug 2014 07:51:24 -0700 (PDT)
Received: from a.mx.secunet.com (a.mx.secunet.com [195.81.216.161]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 722CD1A0359 for <pkix@ietf.org>; Thu, 14 Aug 2014 07:51:24 -0700 (PDT)
Received: from localhost (alg1 [127.0.0.1]) by a.mx.secunet.com (Postfix) with ESMTP id 994F91A007A; Thu, 14 Aug 2014 16:51:19 +0200 (CEST)
X-Virus-Scanned: by secunet
Received: from a.mx.secunet.com ([127.0.0.1]) by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id V3By-xokeJGR; Thu, 14 Aug 2014 16:51:15 +0200 (CEST)
Received: from mail-essen-01.secunet.de (unknown [10.53.40.204]) by a.mx.secunet.com (Postfix) with ESMTP id 35B701A0078; Thu, 14 Aug 2014 16:51:15 +0200 (CEST)
Received: from [10.208.1.76] (10.208.1.76) by mail-essen-01.secunet.de (10.53.40.204) with Microsoft SMTP Server (TLS) id 14.3.195.1; Thu, 14 Aug 2014 16:51:17 +0200
Message-ID: <53ECCCE4.2060603@secunet.com>
Date: Thu, 14 Aug 2014 16:51:16 +0200
From: Johannes Merkle <johannes.merkle@secunet.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: Anders Rundgren <anders.rundgren.net@gmail.com>, pkix@ietf.org
References: <53EC3F1F.6090706@gmail.com> <53EC9E72.8030701@bbn.com> <53EC9F34.7090403@gmail.com>
In-Reply-To: <53EC9F34.7090403@gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.208.1.76]
Archived-At: http://mailarchive.ietf.org/arch/msg/pkix/aG4SqlS2jcUNnkpO1Dfi84Ozcuo
Subject: Re: [pkix] Edwards/DJB curves - New PKI(X) work?
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Aug 2014 14:51:27 -0000
Anders Rundgren wrote on 14.08.2014 13:36: > But the inclusion of new algorithms in X.509 structures sounds > like a PKI(X)-like task. > Well, "new algorithms" is not exactly the right term for introducing a new curve representation; it's rather a new semantic of public keys, digital signatures and cryptograms. (There are some people on the CFRG advocating standardization of simplified ECC-based signature algorithms, like Schnorr signatures, but currently, the discussion focuses on curves and their representation.) But essentially, you are right: if we want to use new semantics in PKIX, new specs for X.509 certs / CRLs, for CMS etc. would be needed. However, it is yet too early for action. It is not yet clear, what exactly CFRG recommends to the tls WG. Even if Montgomery curves or Edwards curves are chosen, there is still the option of using traditional (Weierstrass) representation / semantic on-the-wire, as transformation is quite simple. See https://www.ietf.org/mail-archive/web/cfrg/current/msg04816.html Johannes
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Anders Rundgren
- [pkix] Edwards/DJB curves - New PKI(X) work? Anders Rundgren
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Stephen Kent
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Johannes Merkle
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Anders Rundgren
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Johannes Merkle
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Anders Rundgren
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Paul Hoffman
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Michael StJohns
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Anders Rundgren
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Johannes Merkle
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Anders Rundgren
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Stephen Farrell
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Anders Rundgren
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Stephen Farrell
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Michael StJohns
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Michael StJohns
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Stephen Kent
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Stephen Farrell
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Erwann Abalea
- Re: [pkix] Edwards/DJB curves - New PKI(X) work? Michael StJohns