Re: How to use a named elliptic curve?

Jeffrey Walton on Sat, 02 Jan 2021 12:00:16 +0100

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: How to use a named elliptic curve?

To: Jeffrey Walton <noloader@gmail.com>, pari-users@pari.math.u-bordeaux.fr
Subject: Re: How to use a named elliptic curve?
From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 2 Jan 2021 06:00:01 -0500
Delivery-date: Sat, 02 Jan 2021 12:00:16 +0100
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:reply-to:from:date:message-id :subject:to; bh=0RxEx6KRFdBI7FTS6GsaniRHiI9H9/JcGe25dPR6yok=; b=tbaUY4dLBQcE32blEr6zSDTeb/IW7VyU0PQ+eX5cMjnwxUz1nb/TvDoLHq6CwTWCUC oTz+0aQ88usELt1Rck0hrMdIa6YJQV7YDnNS5sDKFrzNyX0ajuO8PSHE25JFnDvgqj6d kTBG8UkWHfyKNL5gTj+bx7zfhMuqlUjWD5NzxfZobLAXJ4cmU5zK+KpdegjV2Cg03t5m 0CL2QwwE3LduuPeHCFh6RPVVuQboa0lQp8FUcehlR41RpQRETpX3KLCaSaaEa4g9k/CM rlcniS5NzSMBk1KGgtoRGdHsStxv1Cvu+ayAwWbte3jpx3jV4Vr4u4IUgmvRBsrEZGi/ +e4g==
In-reply-to: <20210102100829.GA860106@math.u-bordeaux.fr>
References: <CAH8yC8kGfwjq++kpW=m+gdkRoDOhF7NifAtA3DrFRqvp7A3nAA@mail.gmail.com> <20210102100829.GA860106@math.u-bordeaux.fr>
Reply-to: noloader@gmail.com

On Sat, Jan 2, 2021 at 5:08 AM Karim Belabas
<Karim.Belabas@math.u-bordeaux.fr> wrote:
>
> * Jeffrey Walton [2021-01-02 05:58]:
> > Hi Everyone,
> >
> > I'm working through the elliptic curve tutorial at
> > https://pari.math.u-bordeaux.fr/Events/PARI2017c/talks/ecc_en.pdf. I
> > want to use a named curve, like secp256k1 or secp256r1. It does not
> > appear to be covered in the tutorial.
> > ...
> > How do I create a named curve?
>
> The named curves mechanism only supports Cremona labels at this point
> (for curves over Q sorted by conductor provided by the Cremona database,
> which we repackage as 'elldata'); with the second syntax as in
>
>   E = ellinit("36a1");
>
> None of the crypto curves names (SEC2, FIPS 186-4, RFC3279, etc.) are
> currently supported by this mechanism. It's an interesting option,
> though, that would not be hard to support: Crenoma labels start by a
> digit, all crypto curves names I am aware of start by a letter...
>
> What names would we need to support ?
>   - [PKR]-* from FIPS
>   - sec* from SEC2
>   - prime* from RFC

curve25519 and curve448 are fairly popular. SEC-2/NIST and Bernstein's
curve would probably keep most people happy.

The RFC 3279 curves may be useful, too. I seem to recall some of them
are considered weak/wounded. I think some of them were from the 1998
version of ANSI 9.62. They include c2pnb163v1 and wtls1. But they
would probably make good academic material.

Jeff

Follow-Ups:
- Re: How to use a named elliptic curve?
  - From: Ján Jančár <johny@neuromancer.sk>

References:
- How to use a named elliptic curve?
  - From: Jeffrey Walton <noloader@gmail.com>
- Re: How to use a named elliptic curve?
  - From: Karim Belabas <Karim.Belabas@math.u-bordeaux.fr>

Prev by Date: Re: How to use a named elliptic curve?
Next by Date: Re: How to use a named elliptic curve?
Previous by thread: Re: How to use a named elliptic curve?
Next by thread: Re: How to use a named elliptic curve?
Index(es):
- Date
- Thread