Great. Do you have a link that talks about what Sun released to the public domain?
On Nov 24, 2006, at 11:25 AM, Ron Teitelbaum wrote:
Forgot the link: http://www.sun.com/emrkt/innercircle/newsletter/0304cto.html
Ron
-----Original Message----- From: Ron Teitelbaum [mailto:Ron@USMedRec.com] Sent: Friday, November 24, 2006 2:25 PM To: 'Cryptography Team Development List' Subject: RE: [Cryptography Team] ECC and/or NSA Suite B?
I'm not sure I understand this since SUN released ECC to the public domain. I'll get an opinion on it:
-----Original Message----- From: cryptography-bounces@lists.squeakfoundation.org [mailto:cryptography-bounces@lists.squeakfoundation.org] On Behalf Of Matthew S. Hamrick Sent: Friday, November 24, 2006 2:07 PM To: Cryptography Team Development List Subject: Re: [Cryptography Team] ECC and/or NSA Suite B?
Keep in mind, however, that products violate patent restrictions, not implementations. Otherwise OpenSSL would not be able to include IDEA, MDC2 or RC5.
With all the discussion of FIPS 140, I had assumed that most everyone on the list is working on government contracts. Otherwise, why bother with it?
The NSA negotiated a blanket US Federal Government deal for Certicom's patent portfolio for use in ECDSA, ECDH and ECMQV. So... if you're a federal government agency, you get to use these algorithms without having to pay Certicom anything extra. So... if part of what you're hoping to do is to create an ECC implementation that can be used by a federal agency, then you can do so without fear of the Certicom lawyers. Now... the moment the implementation gets used in a commercial product, then you've got issues.
On Nov 23, 2006, at 10:24 PM, Cerebus wrote:
Is anyone working on Suite B stuff?
Rijndael is there, but it probably should be subclassed as AES proper if only to lock down the blocksize to 128 bits and the keysize to the allowed 128 & 256 bits.
SHA256 is there, but it doesn't extent to cover the rest of the SHA2 family (SHA384 and SHA512). SHA384 is part of Suite B.
Is anyone working on ECDSA, ECDH & ECMQV? (Well, given that ECMQV is more heavily patent-encumbered in the US, I can understand if it's left by the wayside).
If not I might take a crack at a couple of pieces.
-- Tim _______________________________________________ Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/ cryptography