[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Remove SHOULD for elliptic curve groups in IKEv2
Oakley and IKE and draft-orman-public-key-lengths-05 name the
algorithms, the strengths, computational scaling, etc. of
ECC for Diffie-Hellman key agreement. Mathematically,
the algorithm is DH using point addition in elliptic curve groups over
GF[2^n].
Specific implementation techniques may be covered by patents, but
see, for example, Fast Key Exchange with Elliptic Curve Systems,
in Crypto '95, for details and pseudocode of a non-encumbered method.
Hilarie
----
Eric Rescorla wrote:
> What I think would be very helpful here would be if someone
> (you?) wrote a draft describing a single algorithm with:
>
> (1) A description of its patent status (hopefully, with
> some reference to the techniques having been published
> prior to patents being filed).
> (2) Some estimate of its security properties (e.g. an estimate
> of strength.)
> (3) Some description of (unencumbered) implementation techniques
> along with performance numbers for those techniques,
> perhaps with comparisons to RSA.
>
> -Ekr
>
>