[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    Re: draft of the ISAKMP/Oakley draft
From:       ho () earth ! hpc ! org (Hilarie Orman)
Date:       1997-10-31 22:09:29
[Download RAW message or body]

>	 Elliptic Curve Cryptography should be given every consideration by
>	 the IETF.  It is the technology that will provide long term Security
>	 under all application environments over the INTERNET.  The need for
>	 Elliptic Curve Cryptography will become more important as more
>   elements
>	 of the INTERNET and Intranets go Wireless.

I don't follow the above.  How does any of this motivate ECC over
modular exponentiation, for example?

>	 Both implementations over GF(p) and GF(2^^N) should be considered from
>	 efficiency point of view,  there are very efficient Implementations
>	 over GF(2^^N) in both hardware and software.  The availability of
>	 mod p arithmetic for implementation is not a convincing argument to
>	 drop GF(2^^N) and only propose GF(p).  As was mentiond in Eurocrypt
>	 GF(2^^N) can be implemented using mod p too.

No one has proposed dropping GF[2^n], as far as I know.  However, I
don't believe that GF[p] has enough demonstrated merit to be included
in an IETF standard.  I could certainly be persuaded by running code
and blazingly fast times.

>	 As for the patents issues, it is imprtant to note that any existing
>	 or pending patents in GF(2^^N) or GF(p) are on Implementation only
>	 and not over the Mathematical Concepts.  The mathematics is free there
>	 for any body who wants to implement.  There are FREE Implementations
>	 as well as Commercial ones.  The Patent issues should be undertood
>	 in this context.

It's my understanding, as a non-lawyer, acting on my own mathematical
understanding and with advice from others, that there is a patent on
an efficient software implementation of key exchange using GF[p].  The
patent issue should be understood in this context, i.e. cryptographic
uses of GF[p].  Because efficiency should be an important
consideration for the IETF, I view the encumbrance on what may be the
most efficient implementation of an algorithm to be a matter for
consideration by this group.  I also encourage others to investigate
the patent situation and report back.

>	 I believe the issues of patents over ECC should not be viewed as
>	 the issue of  Patents in Legacy Algorithms like DH(now free) and RSA,
>	 in the Legacy Systems the Mathematical Concepts where patented and
>	 Royalties will be claimed when ever and implementaion is done while
>	 in ECC the case is VERY different.

You may well be wrong.

Hilarie

>	 Regards

>	 Adel Jaber/Certicom
>	 WWW.CERTICOM.COM

[prev in list] [next in list] [prev in thread] [next in thread]