[gnutls-help] curve25519, UMAC, etc

A L mail at lechevalier.se
Fri Mar 14 19:45:51 CET 2014


On 2014-03-14 08:34, Nikos Mavrogiannopoulos wrote:
> On Thu, Mar 13, 2014 at 12:17 AM, A L <mail at lechevalier.se> wrote:
>> Are there any plans to support curve25519 or any of the other non-NIST
>> curves for ECC/ECDH and are there plans to support Ed25519 signature?
>> Reference:
>> http://cr.yp.to/ecdh.html
>> http://ed25519.cr.yp.to
>> https://tools.ietf.org/html/draft-josefsson-tls-curve25519-04
> The plan is to be added once it is standardized and implemented in
> nettle.  Ed25519 signature scheme will not be added, as it is not
> standardized in any way and there is no plan to make it so as far as I
> know.
>
> Implementing algorithms prior to standardization has the risk of
> implementing an early variant of the algorithm that isn't in the final
> standard (this is the case with gnutls implementing salsa20-umac,
> which was replaced with chacha20-poly, and openssh with the
> chacha20-poly implementation, which is based on an early draft that is
> incompatible with the latest).
>
> regards,
> Nikos

Understandably, there needs to be some standardization to avoid
interoperability and security issues. Do you know the status regarding
the draft? I.e. when could we expect it to be finalized enough to be
included?

Side note. I just saw that the OpenSSH-6.5 release does support Ed25519 ;)
http://www.openssh.org/txt/release-6.5

~A



