[Cryptography Team] ECC and/or NSA Suite B?

Ron Teitelbaum Ron at USMedRec.com
Fri Nov 24 20:17:31 UTC 2006 

That's interesting can you provide a link about this information for our
lawyer.  It sure looks like sun is providing more then that: 

Q1: What is Sun contributing to OpenSSL? 
Sun contributed an implementation of the Elliptic Curve Cryptographic (ECC)
technology which is well integrated into the existing OpenSSL source
infrastructure. This code enables secure TLS/SSL handshakes using the
Elliptic Curve based cipher suites. 

Sun's contributions to the OpenSSL project include: - Addition of ECC cipher
suites based on the current IETF internet-draft, which specifies the use of
elliptic curve technology in SSL. - Implementation of the Elliptic Curve
Diffie-Hellman (ECDH) key agreement protocol based on ANSI X9.63. - Addition
of elliptic curve support over binary polynomial fields and the underlying
arithmetic library completing the Elliptic Curve cryptographic library in
OpenSSL. 


Q2: Where can the downloadable code be found? 
The latest version of the OpenSSL code containing ECC cipher suites can be
found at the OpenSSL website: ftp://ftp.openssl.org/snapshot/ The download
file is named: openssl-SNAP-20020819.tar.gz or later versions. 


Q3: What about the standardization of ECC cipher suite? 
Sun's implementation is based on the current IETF internet-draft which is
now available in the IETF repository:
http://www.ietf.org/internet-drafts/draft-ietf-tls-ecc-02.txt 

This document describes new key exchange algorithms based on Elliptic Curve
Cryptography (ECC) for the TLS (Transport Layer Security) protocol. In
particular, it specifies the use of Elliptic Curve Diffie-Hellman (ECDH) key
agreement in a TLS handshake and the use of Elliptic Curve Digital Signature
Algorithm (ECDSA) as a new authentication mechanism. 


Q4: What license is Sun's ECC code contributed under? 
Sun contributed the ECC code to the OpenSSL project to be licensed under the
standard OpenSSL license. 

Ron

> -----Original Message-----
> From: 
> Matthew S. Hamrick
> Sent: Friday, November 24, 2006 3:07 PM
> 
> There are three primary branches of ECC: even-normal, odd-normal and
> ortho-normal. IP covers (I think) ortho- and even-. Sun released (I
> thought) an implementation of the one that's not covered.
> 
> Also... Certicom's primary patent is, IMHO, their point-compression
> patent. Without it, it's hard to make a system that guarantees
> certain performance requirements.
> 
> On Nov 24, 2006, at 11:25 AM, Ron Teitelbaum wrote:
> 
> > I'm not sure I understand this since SUN released ECC to the public
> > domain.
> > I'll get an opinion on it:
> >
> >> -----Original Message-----
> >> From: cryptography-bounces at lists.squeakfoundation.org
> >> [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> >> Matthew S. Hamrick
> >> Sent: Friday, November 24, 2006 2:07 PM
> >> To: Cryptography Team Development List
> >> Subject: Re: [Cryptography Team] ECC and/or NSA Suite B?
> >>
> >> Keep in mind, however, that products violate patent restrictions, not
> >> implementations. Otherwise OpenSSL would not be able to include IDEA,
> >> MDC2 or RC5.
> >>
> >> With all the discussion of FIPS 140, I had assumed that most everyone
> >> on the list is working on government contracts. Otherwise, why bother
> >> with it?
> >>
> >> The NSA negotiated a blanket US Federal Government deal for
> >> Certicom's patent portfolio for use in ECDSA, ECDH and ECMQV. So...
> >> if you're a federal government agency, you get to use these
> >> algorithms without having to pay Certicom anything extra. So... if
> >> part of what you're hoping to do is to create an ECC implementation
> >> that can be used by a federal agency, then you can do so without fear
> >> of the Certicom lawyers. Now... the moment the implementation gets
> >> used in a commercial product, then you've got issues.
> >>
> >> On Nov 23, 2006, at 10:24 PM, Cerebus wrote:
> >>
> >>> Is anyone working on Suite B stuff?
> >>>
> >>> Rijndael is there, but it probably should be subclassed as AES
> >>> proper
> >>> if only to lock down the blocksize to 128 bits and the keysize to
> >>> the
> >>> allowed 128 & 256 bits.
> >>>
> >>> SHA256 is there, but it doesn't extent to cover the rest of the SHA2
> >>> family (SHA384 and SHA512).  SHA384 is part of Suite B.
> >>>
> >>> Is anyone working on ECDSA, ECDH & ECMQV?  (Well, given that
> >>> ECMQV is
> >>> more heavily patent-encumbered in the US, I can understand if it's
> >>> left by the wayside).
> >>>
> >>> If not I might take a crack at a couple of pieces.
> >>>
> >>> -- Tim
> >>> _______________________________________________
> >>> Cryptography mailing list
> >>> Cryptography at lists.squeakfoundation.org
> >>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/
> >>> cryptography
> >>
> >> _______________________________________________
> >> Cryptography mailing list
> >> Cryptography at lists.squeakfoundation.org
> >> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/
> >> cryptography
> >
> >
> > _______________________________________________
> > Cryptography mailing list
> > Cryptography at lists.squeakfoundation.org
> > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/
> > cryptography
> 
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography

More information about the Cryptography mailing list