ECC cipher suites
Hello,

I looked at the feature comparison table of TLS libraries and noticed
that GnuTLS still lacks ECC support:
http://www.gnu.org/software/gnutls/comparison.html

Is anyone working on this? Otherwise, I would like to give it a try[1].

After a quick search on Gmane, the primary (technical) reason seems to be that
there is no way to compute ECDH with libgcrypt. If so, how about simply
exporting the EC version of powm and curve selection API[2]?

Anyway, would it make sense? Comments are appreciated.

Footnotes:
[1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
seeking the next interesting project.

[2] I have first considered a generic key-agreement interface in
libgcrypt, but I now think that it's too much - currently only DH
variants are used in practice.

Regards,
--
Daiki Ueno

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
Re: ECC cipher suites
On Tue, 25 Aug 2009 14:34, ueno@unixuser.org said:

> After a quick search on Gmane, the primary (technical) reason seems to be that
> there is no way to compute ECDH with libgcrypt. If so, how about simply

We need this (or a variant) for OpenPGP as well; Sergi Blanch i Torne
(sergi at calcurco dot org) is working on that.

> exporting the EC version of powm and curve selection API[2]?

I am not sure whether the current API is okay, thus I hesitate
to publish it.

> Anyway, would it make sense? Comments are appreciated.

Yes. There is the potential patent problem of course. FWIW, RedHat
removed all ECC code from libgcrypt.

> [1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
> seeking the next interesting project.

I noticed :-)

> [2] I have first considered a generic key-agreement interface in
> libgcrypt, but I now think that it's too much - currently only DH
> variants are used in practice.

I also thought of that when I wrote an ssh library but came to the
conclusion that we need to exchange too much data in a very portable
way. In the end such an abstract interface would be too complex.


Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.


Re: ECC cipher suites
Daiki Ueno <ueno@unixuser.org> writes:

> Hello,
>
> I looked at the feature comparison table of TLS libraries and noticed
> that GnuTLS still lacks ECC support:
> http://www.gnu.org/software/gnutls/comparison.html
>
> Is anyone working on this? Otherwise, I would like to give it a try[1].

Nobody is working on it, but there are patent issues with ECC that have
to be resolved. To avoid wasting time, we may want to approach the FSF
and the SFLC first to get a better understanding of what's involved here
(I've been deferring this since nobody has expressed interest in ECC).

> [1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
> seeking the next interesting project.

Finishing the TLS 1.2 support and adding the new cipher suites is a
high-priority task and it shouldn't be too difficult since there are TLS
1.2 test servers out there to test with.

/Simon

Re: ECC cipher suites
>>>>> In <87eiqzedlg.fsf@mocca.josefsson.org>
>>>>> Simon Josefsson <simon@josefsson.org> wrote:
> > I looked at the feature comparison table of TLS libraries and noticed
> > that GnuTLS still lacks ECC support:
> > http://www.gnu.org/software/gnutls/comparison.html
> >
> > Is anyone working on this? Otherwise, I would like to give it a try[1].

> Nobody is working on it, but there are patent issues with ECC that have
> to be resolved. To avoid wasting time, we may want to approach the FSF
> and the SFLC first to get a better understanding of what's involved here
> (I've been deferring this since nobody has expressed interest in ECC).

Good to know before stepping in further. I hope that the situation
will change in the near future.

> Finishing the TLS 1.2 support and adding the new cipher suites is a
> high-priority task and it shouldn't be too difficult since there are TLS
> 1.2 test servers out there to test with.

Thanks for the hint. I'll check which features of TLS 1.2 are not
implemented. Adding HMAC-SHA256 cipher suites looks like one thing to do.

Regards,
--
Daiki Ueno
