[cabfpub] Proposal to add DSA 2048

Rick Andrews Rick_Andrews at symantec.com
Mon Mar 11 18:39:23 UTC 2013


Erwann,

We did this primarily because other companies hold IP around other types of curves like binary field curves. We did our analysis on the NIST curves and felt comfortable proceeding with those. If we see demand for other types of curves, we’ll investigate the IP space and proceed accordingly.

-Rick

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Erwann Abalea
Sent: Monday, March 11, 2013 3:56 AM
To: CABFPub
Subject: Re: [cabfpub] Proposal to add DSA 2048

Why was the list of ECDSA curves limited to the NIST ones, instead of specifying a list of characteristics (field size, curve type, ...)?
This prevents the use of other standardized curves such as Brainpool ones (RFC5639), and more local ones such as French ANSSI ones.



--

Erwann ABALEA


Le 08/03/2013 22:38, Rick Andrews a écrit :
To address everyone’s questions:

-          FIPS 186 originally allowed for DSA 1024 bits max, but in the 186-3 revision 2048 and SHA-2 were added.

-          ECDSA is allowed in the BRs; Appendix A allows P-256, P-384, or P-521 curves

-          Does it present any issues that are different from RSA algorithm certs? AFAIK, just what Erwann listed below (it can be used for signature only, not encryption/decryption). I haven’t heard of any particular vulnerabilities. In fact, the “Ron was wrong, Whit is right” paper (http://eprint.iacr.org/2012/064.pdf) suggests that there are advantages to cryptosystems like DSA that require only a single secret during key setup.

-          Same authentication processes and security considerations? I don’t see why not.

-          Can only government agencies obtain these certs, or can any user? Anyone can. We expect more interest from government customers given its inclusion in FIPS 186-3, but there are no restrictions
-Rick


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130311/337aa6ed/attachment-0003.html>


More information about the Public mailing list