[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Remove SHOULD for elliptic curve groups in IKEv2

To: "Mark Winstead" <Mark.Winstead@NetOctave.com>, <ipsec@lists.tislabs.com>
Subject: RE: Remove SHOULD for elliptic curve groups in IKEv2
From: "Khaja E. Ahmed" <khaja.ahmed@attbi.com>
Date: Tue, 12 Mar 2002 10:05:51 -0800
Importance: Normal
In-Reply-To: <49B96FCC784BC54F9675A6B558C3464E5D0DC7@MAIL.NetOctave.com>
Sender: owner-ipsec@lists.tislabs.com

Title: RE: Remove SHOULD for elliptic curve groups in IKEv2

Mark,

Although AES and EC might both be used in a small percentage of installations, the rates of adoption are quite different. AES is growing and becoming adopted markedly faster than EC, which has been around longer and never saw this rate of adoption. There are other difference, one is royalty free the other involves license fees. Also, AES is the US government's upgrade / replacement for DES and we can predict will be nearly universally used in that segment of the market for sensitive but unclassified information applications. Equal deployment at this moment in time (if that is the case) is not a good reason to make EC support a SHOULD. Anything beyond MAY is not appropriate for EC (IMO).

Khaja

-----Original Message-----
From: owner-ipsec@lists.tislabs.com [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Mark Winstead
Sent: Tuesday, March 12, 2002 5:40 AM
To: ipsec@lists.tislabs.com
Subject: RE: Remove SHOULD for elliptic curve groups in IKEv2

Today it is fewer than 10%, but can't something close to that be said, at least recently, for AES?

With AES and its increased key sizes coming, shouldn't more EC groups be included? some with SHOULD for support of AES various key sizes and some additional MAYs? I believe consideration should be given to adding SECG's sect283k1 (a.k.a. 9th Oakley, ansit283k1), sect283r1 (8th, ansit283r1), sect409k1 (11th, ansit409k1), sect409r1 (10th, ansit409r1), sect571k1 (13th, ansit571k1), sect571r1 (12th, ansit571r1) to the draft, and perhaps secp256r1 (ansip256r1), secp384r1 (ansip384r1), and secp521r1 (ansip521r1). (See http://www.secg.org/collateral/sec2.pdf or ANSI 9.63)

> -----Original Message-----
> From: Paul Hoffman / VPNC [mailto:paul.hoffman@vpnc.org]
> Sent: Monday, March 11, 2002 11:09 PM
> To: ipsec@lists.tislabs.com
> Subject: Remove SHOULD for elliptic curve groups in IKEv2
>
>
> Elliptic curve groups have barely been tested for interoperability.
> The SHOULDs in section 8.3 and 8.4 should be reduced to MAYs. As
> wonderful as EC cryptography is supposed to be, it is overkill to
> make it a near-requirement when probably fewer than 10% of
> implementations today use it.
>
> --Paul Hoffman, Director
> --VPN Consortium
>

References:
- RE: Remove SHOULD for elliptic curve groups in IKEv2
  - From: Mark Winstead <Mark.Winstead@NetOctave.com>

Prev by Date: RE: Remove SHOULD for elliptic curve groups in IKEv2
Next by Date: Re: How to pass AES rounds number through PF_KEY interface
Prev by thread: Re: Remove SHOULD for elliptic curve groups in IKEv2
Next by thread: RE: Remove SHOULD for elliptic curve groups in IKEv2
Index(es):
- Date
- Thread