[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DRAFT minutes, SACRED WG, Minneapolis IETF

To: ietf-sacred@xxxxxxx
Subject: Re: DRAFT minutes, SACRED WG, Minneapolis IETF
From: Yongge Wang <ywang@xxxxxxxxxxxx>
Date: Mon, 26 Mar 2001 16:52:10 -0500 (EST)
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-sacred/mail-archive/>
List-id: <ietf-sacred.imc.org>
List-unsubscribe: <mailto:ietf-sacred-request@imc.org?body=unsubscribe>
Sender: owner-ietf-sacred@xxxxxxxxxxxx

On Mon, 26 Mar 2001, Radia Perlman - Boston Center for Networking wrote:
> PDM has not been patented. This doesn't mean of course that it is
> absolutely certain someone doesn't have a patent that might cover some
> aspects of it,
> but PDM itself is not patented. So we don't need a statement from
> our organizations that it will be licensed on reasonable terms, or
> free terms provided that people who use it grant license to any
> of their technology, ... It's simply not patented.

PDM is a nice protocol. Of course, as mentioned in the
previous summary of Milliapolos meeting, the client side
is a little slow. In particular, ECC is used in wireless
devices such as Palm for several well-known reasons.
If wireless devices will be one of the main users of SACRED,
I think PDM might need a nice refinement for ECC version.
At present, there is no natural efficient ECC version of PDM. 
We cannot imagine that each time Palm will generate a 
Elliptic Curve and count the points on it. 

One solution might be as follows though it is still a little
slow: the Elliptic Curve should be a public one. But each time,
the password should be used to generate the generator of the
Elliptic Curve group (this will look like the SPEKE,
hope this is not covered by the SPEKE patent).

Some factors might also be taken into consideration in 
desiging SACRED protocol. In order to support different
protocols, the same password might be delivered by the 
server to the client using several different algorithms.
Then the special care might need to be taken for
security reasons.
(e.g., my Palm and Desktop should download the same password,
though my Palm use ECC and Destop use DH.)

Yongge

> It would be nice to at least come up with a single MUST implement, as
> well as a bunch of other choices, should the MUST alg wind up cryptographically
> broken or with someone showing they have a patent on arithmetic which
> covers it.

-----------------------------------
Yongge Wang -- Crypto Mathematician
http://cs.uwm.edu/~wang/
-----------------------------------

References:
- Re: DRAFT minutes, SACRED WG, Minneapolis IETF
  - From: Radia Perlman - Boston Center for Networking

Prev by Date: Re: DRAFT minutes, SACRED WG, Minneapolis IETF
Next by Date: Re: DRAFT minutes, SACRED WG, Minneapolis IETF
Previous by thread: Re: DRAFT minutes, SACRED WG, Minneapolis IETF
Next by thread: Re: DRAFT minutes, SACRED WG, Minneapolis IETF
Index(es):
- Date
- Thread