RE: What is "verifiably at random"??? (Was RE: I-D Action:draft-ietf-pkix-ecc-subpubkeyinfo-00.txt)
Dave,

Thanks for the review. The phrase you refer to actually appears more than
once. I'll replace it in all places as suggested.

spt 

>-----Original Message-----
>From: owner-ietf-pkix@xxxxxxxxxxxx 
>[mailto:owner-ietf-pkix@xxxxxxxxxxxx] On Behalf Of Kemp, David P.
>Sent: Thursday, December 06, 2007 1:28 PM
>To: ietf-pkix@xxxxxxx
>Subject: What is "verifiably at random"??? (Was RE: I-D 
>Action:draft-ietf-pkix-ecc-subpubkeyinfo-00.txt)
>
>
>Section 2.1.1.2.1 of the new ECC I-D states:
>
>   If version is ecdpVer2, then the curve and the base point
>   G shall be generated verifiably at random, and curve.seed
>   shall be present.
>
>It seems quite peculiar to say that a value is generated "at random"
>when the value has zero entropy (as is the case when a curve 
>and base point are generated by hashing a seed and the value 
>of the seed is known).  That's almost as peculiar as claiming 
>that the well known constant PI is random.
>
>
>RFC 3797 Section 3 states:
>
>   The crux of the unbiased nature of the selection is that it is based
>   in an exact, predetermined fashion on random information which will
>   be revealed in the future and thus can not be known to the person
>   specifying the algorithm.
>
>Unlike RFC 3797, the ECC I-D contains no recommendations 
>concerning the selection of random (unpredictable) values of 
>curve.seed.  A CA that wishes to manipulate the values of 
>curve and G may have some computational effort to determine a 
>seed, but computation is possible assuming that the pool of 
>suitable manipulated values is not too sparse.
>
>Please replace the phrase "generated verifiably at random" 
>with something like "generated deterministically" that does 
>not imply that there is some entropy/unpredictability involved 
>in the process.
>
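The seed-to-coefficient derivation Kemp refers to is the ANSI X9.62 / FIPS 186 procedure, and the "verifiable" half of it is a short deterministic computation. The Python below is an added example, not code from this thread or from the I-D; it assumes the published NIST P-256 parameters and SEED, implements the prime-field check r * b^2 = a^3 (mod p) with r expanded from the seed by SHA-1, and illustrates the point being made: once curve.seed is known, the result is fully determined and merely checkable, with no unpredictability left.

```python
import hashlib

# X9.62 / FIPS 186 "verifiably random" check for prime-field curves: the seed
# is expanded with SHA-1 into an integer r, and the coefficients pass only if
# r * b^2 == a^3 (mod p). Everything is a pure function of the seed.

def seed_to_r(p: int, seed: bytes) -> int:
    """Expand a 160-bit seed into the integer r as X9.62 Annex A.3.3 does."""
    t = p.bit_length()
    s = (t - 1) // 160          # number of full SHA-1 outputs after the first
    v = t - 160 * s             # bits taken from the first hash
    h = int.from_bytes(hashlib.sha1(seed).digest(), "big")
    c0 = h & ((1 << v) - 1)     # rightmost v bits of SHA-1(SEED)
    w = c0 & ((1 << (v - 1)) - 1)   # clear the leftmost bit of c0
    seed_int = int.from_bytes(seed, "big")
    for i in range(1, s + 1):   # W = W0 || SHA-1(SEED+1) || ... || SHA-1(SEED+s)
        si = ((seed_int + i) % (1 << 160)).to_bytes(20, "big")
        w = (w << 160) | int.from_bytes(hashlib.sha1(si).digest(), "big")
    return w

def curve_matches_seed(p: int, a: int, b: int, seed: bytes) -> bool:
    """True if (a, b) are the coefficients derived from seed: r*b^2 == a^3 mod p."""
    r = seed_to_r(p, seed)
    return (r * b * b - a * a * a) % p == 0

# NIST P-256 domain parameters and the SEED published for them (FIPS 186).
P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_A = P256_P - 3
P256_B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
P256_SEED = bytes.fromhex("c49d360886e704936a6678e1139d26b7819f7e90")

def check_p256() -> bool:
    """Run the published-seed check against P-256."""
    return curve_matches_seed(P256_P, P256_A, P256_B, P256_SEED)

if __name__ == "__main__":
    print("P-256 matches its published seed:", check_p256())
    # Flipping one seed bit changes r, so the same (a, b) no longer verify.
    altered = bytes([P256_SEED[0] ^ 1]) + P256_SEED[1:]
    print("altered seed matches:", curve_matches_seed(P256_P, P256_A, P256_B, altered))
```

The check only proves that (a, b) were derived from the stated seed; it says nothing about how that seed was chosen, which is the gap Kemp's message points out.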