Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: GnuPG: gcrypt

ECC cipher suites

  

 
GnuPG gcrypt RSS feed   Index | Next | Previous | View Threaded


ueno at unixuser

Aug 25, 2009, 5:34 AM

Post #1 of 4 (1102 views)
Permalink
ECC cipher suites
Hello,

I looked at the feature comparison table of TLS libraries and noticed
that GnuTLS still lacks ECC support:
http://www.gnu.org/software/gnutls/comparison.html

Is anyone working on this? Otherwise, I would like to give it a try[1].

After a quick search on Gmane, the primary (technical) reason seems that
there is no way to compute ECDH with libgcrypt. If so, how about simply
exporting the EC version of powm and curve selection API[2]?

Anyway, would it make sense? Comments are appreciated.

Footnotes:
[1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
seeking for next interesting project.

[2] I have first considered a generic key-agreement interface in
libgcrypt, but I now think that it's too much - currently only DH
variants are used in practice.

Regards,
--
Daiki Ueno

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel


wk at gnupg

Aug 25, 2009, 8:15 AM

Post #2 of 4 (1044 views)
Permalink
Re: ECC cipher suites [In reply to]
On Tue, 25 Aug 2009 14:34, ueno [at] unixuser said:

> After a quick search on Gmane, the primary (technical) reason seems that
> there is no way to compute ECDH with libgcrypt. If so, how about simply

We need this (or a variant) for OpenPGP as well, by Sergi Blanch i Torne,
(sergi at calcurco dot org) is working on that.

> exporting the EC version of powm and curve selection API[2]?

I am not sure whether whether the current API is okay, thus I hesitate
to publish it.

> Anyway, would it make sense? Comments are appreciated.

Yes. There is the potential patent problem of course. FWIW, RedHat
removed all ECC code from Lobgcrypt.

> [1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
> seeking for next interesting project.

I noticed :-)

> [2] I have first considered a generic key-agreement interface in
> libgcrypt, but I now think that it's too much - currently only DH
> variants are used in practice.

I also though of that when I wrote an ssh library but came to the
conclusion that we need to exchnage too much data in a very portable
way. In the end such an abstract interface would be too complex.


Salam-Shalom,

Werner

--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.


_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel


simon at josefsson

Aug 25, 2009, 3:24 PM

Post #3 of 4 (1036 views)
Permalink
Re: ECC cipher suites [In reply to]
Daiki Ueno <ueno [at] unixuser> writes:

> Hello,
>
> I looked at the feature comparison table of TLS libraries and noticed
> that GnuTLS still lacks ECC support:
> http://www.gnu.org/software/gnutls/comparison.html
>
> Is anyone working on this? Otherwise, I would like to give it a try[1].

Nobody is working on it, but there are patent issues with ECC that has
to be resolved. To avoid wasting time, we may want to approach the FSF
and the SFLC first to get a better understanding of what's involved here
(I've been deferring this since nobody has expressed interest in ECC).

> [1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
> seeking for next interesting project.

Finishing the TLS 1.2 support and adding the new cipher suites is a
high-priority task and it shouldn't be too difficult since there are TLS
1.2 test servers out there to test with.

/Simon

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel


ueno at unixuser

Aug 27, 2009, 4:29 AM

Post #4 of 4 (1027 views)
Permalink
Re: ECC cipher suites [In reply to]
>>>>> In <87eiqzedlg.fsf [at] mocca>
>>>>> Simon Josefsson <simon [at] josefsson> wrote:
> > I looked at the feature comparison table of TLS libraries and noticed
> > that GnuTLS still lacks ECC support:
> > http://www.gnu.org/software/gnutls/comparison.html
> >
> > Is anyone working on this? Otherwise, I would like to give it a try[1].

> Nobody is working on it, but there are patent issues with ECC that has
> to be resolved. To avoid wasting time, we may want to approach the FSF
> and the SFLC first to get a better understanding of what's involved here
> (I've been deferring this since nobody has expressed interest in ECC).

Good to know before stepping into further. I hope that the situation
will change in the near future.

> Finishing the TLS 1.2 support and adding the new cipher suites is a
> high-priority task and it shouldn't be too difficult since there are TLS
> 1.2 test servers out there to test with.

Thanks for the hint. I'll check which features of TLS 1.2 are not
implemented. Adding HMAC-SHA256 cipher suites looks one thing to do.

Regards,
--
Daiki Ueno

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel

GnuPG gcrypt RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.