
Re: draft of the ISAKMP/Oakley draft



Hilarie,
  
We do not yet have a comprehensive list of patents regarding 
elliptic curve crypto systems. 

I don't have a published list of reliable running times for 
elliptic curves over GF(p) but our implementations show that 
timings comparable to yours published at Crypto '95 should be 
possible. 
BTW, it might be prudent to avoid GF(2^N) fields with nested 
subextensions because this additional structure could be used 
for attacks in the future.

Again, my argument for the addition of GF(p) curves is not a 
better performance than GF(2^N) curves but the fact that GF(p) 
curves do not require an additional arithmetic because the 
mod p arithmetic is always implemented. Therefore, GF(p) curves 
offer a simple migration from mod p to elliptic curve crypto 
systems.

Michael  
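
The migration argument in the message above, as an added example that is not part of the original e-mail: elliptic-curve group operations over GF(p) written using only the modular operations a mod p Diffie-Hellman implementation already contains. The curve, base point and exponents are constructed toy values (a textbook-sized curve), and all function names are hypothetical.

```python
# Added illustration: curve arithmetic over GF(p) built only from mod-p
# multiply/add and pow(), the same primitives used for mod-p Diffie-Hellman.
# Toy parameters, constructed for the example and far too small for real use.
P = 17            # field prime
A, B = 2, 2       # curve y^2 = x^3 + A*x + B over GF(P)
G = (5, 1)        # base point; generates a group of order 19
INF = None        # point at infinity (group identity)

def inv(x):
    """Modular inverse via Fermat: reuses the mod-p exponentiation routine."""
    return pow(x, P - 2, P)

def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0

def add(p1, p2):
    """Group law; every step is an ordinary mod-p operation."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF                                   # p2 == -p1
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * inv(2 * y1) % P    # tangent slope
    else:
        lam = (y2 - y1) * inv((x2 - x1) % P) % P     # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def mul(k, pt):
    """Double-and-add: the curve analogue of square-and-multiply."""
    result = INF
    while k:
        if k & 1:
            result = add(result, pt)
        pt = add(pt, pt)
        k >>= 1
    return result

def dh_modp(g, a, b, p):
    """Classic mod-p Diffie-Hellman: both sides' shared values."""
    return pow(pow(g, a, p), b, p), pow(pow(g, b, p), a, p)

def dh_curve(a, b):
    """Same exchange on the curve: exponentiation becomes scalar multiply."""
    return mul(b, mul(a, G)), mul(a, mul(b, G))
```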