
Re: Larger DH groups?



If Certicom wants to hint at secret sauce, that's their right.  In this case, all
they can be saying is that they think the dish tastes better with their
sauce, not that you can't make the dish without it.

I'm vegetarian anyway.

Hilarie


>>> Dan Harkins <dharkins@cips.nokia.com> 10/05/00 04:35PM >>>
  Well other companies have been able to give black and white answers. For
instance Cisco's statement on VRRP: 

   "Cisco believes that implementation of draft-ietf-vrrp-spec-05.txt will 
    require a license to Cisco's patent #5,473,599. If this protocol is 
    approved as an IETF standard, licenses will be available to any party on 
    reasonable, nondiscriminatory terms for implementation of the protocol."

Your statement is vague and heavily qualified, e.g. "if Certicom has patents 
or patents pending that are essential to implementation...." Why not just
come out and say it? Do you? And are they? You "believe [you have] rights
under patents and patents pending for techniques...." but you don't say
whether it is necessary to use those techniques to implement your draft.
That is extremely disingenuous. 

  Regarding the numbers assigned. Yes, I know they were given out by IANA
but IANA did not follow the "IANA Considerations" section for assignment
of new numbers for new D-H groups. I brought it up with IANA but they
apparently didn't rescind them (yet). I'm asking you to just follow the rules
like everyone else is supposed to. Those rules are described in section
11.4 of RFC2409. They are there for a reason.

  Dan.

On Thu, 05 Oct 2000 18:12:03 EDT you wrote
> Hi Dan,
> 
> Ahh ... the eternal patent question. Unfortunately the patent system doesn't
> allow the kind of black and white answer you're looking for. However I think our
> IPR statement is fairly clear that we believe we have patents and patent
> applications covering ECC. Our advice to anyone implementing ECC is to take a
> license from Certicom :-).
> 
> On the IANA issue. I believe all our numbers for ECC groups were assigned by
> IANA as specified in RFC 2409. I believe the link to the numbers on the IANA
> site is:
> http://www.isi.edu/in-notes/iana/assignments/ipsec-registry.
> 
> Best regards. Simon
> 
> S. Blake-Wilson
> Certicom Corp.
> 
> 
> 
> 
> 
> Dan Harkins <dharkins@cips.nokia.com> on 10/05/2000 02:58:16 PM
> 
> To:   Simon Blake-Wilson/Certicom@Certicom
> cc:   Ari Huttunen <Ari.Huttunen@F-Secure.com>, ipsec <ipsec@lists.tislabs.com>
> Subject:  Re: Larger DH groups?
> 
> 
> 
> 
>   While updating the "Additional ECC groups for IKE" draft can you unqualify
> your IP statement? Do you or do you not have patents that cover this? It
> would be nice if there was a one syllable response to the question "is a
> license from Certicom essential to implement these curves?"
> 
>   Also, in the AES assigned numbers thread it became obvious that certain
> vendors have been assigning numbers which are reserved to IANA to their
> own use of algorithms. I'd like to note that you are repeating this error
> in your draft and respectfully ask you to use numbers from the private use
> range for all the groups in this draft. Section 11.4 of RFC2409 describes
> the procedure necessary for you to follow to get IANA to assign numbers to
> you.
> 
>   Dan.
> 
> On Thu, 05 Oct 2000 12:08:23 EDT you wrote
> >
> > Diffie-Hellman is a cubic operation, so I believe 15000-bit DH should take about
> > 15^3 approx=3000 times as long as 1000-bit DH, and 512-bit ECDH should take
> > about 25 times as long as 160-bit ECC. We don't have implementations of
> > 15000-bit DH but we do have 512-bit ECDH and our performance roughly follows the
> > estimates. (In fact we're in the process of adding 512-bit curves to our
> > "Additional ECC groups for IKE" draft so that it has complete AES support.)
> >
> > Best regards. Simon
> >
> > S. Blake-Wilson
> > Certicom Corp.
> >
> >
> >
> >
> >
> > Ari Huttunen <Ari.Huttunen@F-Secure.com> on 10/05/2000 11:02:42 AM
> >
> > To:   ipsec <ipsec@lists.tislabs.com>
> > cc:    (bcc: Simon Blake-Wilson/Certicom)
> > Subject:  Larger DH groups?
> >
> >
> >
> >
> > Are there plans/interest in specifying larger standard DH groups, now that
> > the AES has been chosen?
> >
> > If so, what sizes would be appropriate? Tero earlier posted groups of
> > 2000-4000 bits, the draft for AES talks about 14000. Anybody know just
> > how slow would 14000 bit modulus be? (I can guess it's something between
> > extremely slow and ridiculously slow..) What about the speed of a 500 bit EC2N?
> >
> > Ari
> >
> > --
> > Ari Huttunen                   phone: +358 9 859 900
> > Senior Software Engineer       fax  : +358 9 8599 0452
> >
> > F-Secure Corporation       http://www.F-Secure.com 
> >
> > F-Secure products: Integrated Solutions for Enterprise Security
> 
> 
> 
>
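
An added example, not part of the original thread: a deterministic operation count for the "DH is cubic" estimate quoted above, using square-and-multiply with an assumed schoolbook (quadratic) multiplication cost over 64-bit limbs. The function names are hypothetical, the moduli are constructed random odd numbers rather than real DH groups, and 1024/15360 bits stand in for the thread's 1000/15000 so the sizes are whole limbs. The optional `exp_bits` parameter goes beyond the thread to show that the cubic figure assumes the exponent is as long as the modulus.

```python
import random

LIMB_BITS = 64  # assumed machine word size for the cost model


def modexp_counted(base, exp, mod):
    """Left-to-right square-and-multiply; returns (result, modular multiplications)."""
    result, mults = 1, 0
    for bit in bin(exp)[2:]:
        result = result * result % mod      # one squaring per exponent bit
        mults += 1
        if bit == "1":
            result = result * base % mod    # one extra multiply per set bit
            mults += 1
    return result, mults


def limb_mult_cost(mod_bits, rng, exp_bits=None):
    """Word-multiply count for one exponentiation under the schoolbook model.

    exp_bits defaults to mod_bits (full-length exponent), which is the
    assumption behind the cubic estimate.
    """
    exp_bits = exp_bits or mod_bits
    # Constructed sample values: random odd modulus with the top bit set.
    mod = rng.getrandbits(mod_bits) | (1 << (mod_bits - 1)) | 1
    exp = rng.getrandbits(exp_bits) | (1 << (exp_bits - 1))
    base = rng.randrange(2, mod - 1)
    result, mults = modexp_counted(base, exp, mod)
    if result != pow(base, exp, mod):       # cross-check against the built-in
        raise ArithmeticError("square-and-multiply result mismatch")
    limbs = -(-mod_bits // LIMB_BITS)       # ceiling division
    return mults * limbs * limbs            # each modmul ~ limbs^2 word multiplies


def scaling_ratio(small_bits, large_bits, exp_bits=None, seed=2000):
    """Cost of the large group relative to the small one."""
    rng = random.Random(seed)
    small = limb_mult_cost(small_bits, rng, exp_bits)
    large = limb_mult_cost(large_bits, rng, exp_bits)
    return large / small


if __name__ == "__main__":
    print("full-length exponents:", round(scaling_ratio(1024, 15360)))
    print("fixed 256-bit exponents:", round(scaling_ratio(1024, 15360, exp_bits=256)))
```

With full-length exponents the ratio lands near 15^3; with the exponent length held fixed, only the per-multiplication cost grows and the ratio is near 15^2.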