[PATCH] ecc: Add Curve448.
Niibe Yutaka
gniibe at fsij.org
Thu Sep 26 11:19:23 CEST 2019
Werner Koch wrote:
>> - { "X448", "1.3.101.111" }, /* rfc8410 */
>> #endif
>>
>> + { "Curve448", "1.3.101.111" }, /* X448 in rfc8410 */
>
> Would you mind to briefly explain the name change?
Well, this is important point. In this patch, I kind of abuse an OID
which is defined in RFC8410 for X448 algorithm.
Perhaps, ideally for OpenPGP, we would need an independent OID for the
curve.
For other curves (than Curve448), an OID represents a specific curve.
In RFC8410, (IIUC), an OID is assigned to an algorithm (signature
algorithm, or key-agreement algorithm). It doesn not represent
a curve. That's my understanding. Please correct if I am wrong.
The name change is needed, I suppose, because key for ECDH and ECDH
packet in OpenPGP will be in big-endian, if we follow the existing way
with ECC curves (NIST ones, Brainpool ones, and Curve25519). Note that
for Curve25519, it is not in native format of X25519. So, I intend that
it will be same, that is, it will not be in native format of X448.
(How come? That's because when ECDH with Curve25519 was implemented for
OpenPGP, there was no X25519 defined.)
It is also possible to introduce new thing for X448. We can define X448
key and ECDH with X448 in OpenPGP, in the native format of X448.
I can change the patch accordingly, if the latter is preferred.
I'm open to any changes.
--
More information about the Gcrypt-devel
mailing list