| rfc9496v2.xml | rfc9496.xml | |||
|---|---|---|---|---|
| <?xml version="1.0" encoding="utf-8"?> | <?xml version="1.0" encoding="utf-8"?> | |||
| <!DOCTYPE rfc [ | <!DOCTYPE rfc [ | |||
| <!ENTITY nbsp " "> | <!ENTITY nbsp " "> | |||
| <!ENTITY zwsp "​"> | <!ENTITY zwsp "​"> | |||
| <!ENTITY nbhy "‑"> | <!ENTITY nbhy "‑"> | |||
| <!ENTITY wj "⁠"> | <!ENTITY wj "⁠"> | |||
| ]> | ]> | |||
| <!-- name="GENERATOR" content="github.com/mmarkdown/mmark Mmark Markdown Processor - mmark.miek.nl" --> | <!-- name="GENERATOR" content="github.com/mmarkdown/mmark Mmark Markdown Processor - mmark.miek.nl" --> | |||
| <rfc version="3" ipr="trust200902" docName="9496" submissionType="IRTF" category="info" xml:lang="en" xmlns:xi="http://www.w3.org/2001/XInclude" indexInclude="true" consensus="true" sortRefs="true" number="9496"> | <rfc version="3" ipr="trust200902" docName="draft-irtf-cfrg-ristretto255-decaf448-08" submissionType="IRTF" category="info" xml:lang="en" xmlns:xi="http://www.w3.org/2001/XInclude" indexInclude="true" consensus="true" sortRefs="true" number="9496"> | |||
| <front> | <front> | |||
| <title abbrev="ristretto255-decaf448">The ristretto255 and decaf448 Groups</title><seriesInfo value="9496" stream="IRTF" status="informational" name="RFC"></seriesInfo> | <title abbrev="ristretto255-decaf448">The ristretto255 and decaf448 Groups</title><seriesInfo value="9496" stream="IRTF" status="informational" name="RFC"></seriesInfo> | |||
| <author initials="H." surname="de Valence" fullname="Henry de Valence"><organization></organization><address><postal><street></street> | <author initials="H." surname="de Valence" fullname="Henry de Valence"><organization></organization><address><postal><street></street> | |||
| </postal><email>ietf@hdevalence.ca</email> | </postal><email>ietf@hdevalence.ca</email> | |||
| </address></author><author initials="J." surname="Grigg" fullname="Jack Grigg"><organization></organization><address><postal><street></street> | </address></author><author initials="J." surname="Grigg" fullname="Jack Grigg"><organization></organization><address><postal><street></street> | |||
| </postal><email>ietf@jackgrigg.com</email> | </postal><email>ietf@jackgrigg.com</email> | |||
| </address></author><author initials="M." surname="Hamburg" fullname="Mike Hamburg"><organization></organization><address><postal><street></street> | </address></author><author initials="M." surname="Hamburg" fullname="Mike Hamburg"><organization></organization><address><postal><street></street> | |||
| </postal><email>ietf@shiftleft.org</email> | </postal><email>ietf@shiftleft.org</email> | |||
| </address></author><author initials="I." surname="Lovecruft" fullname="Isis Lovecruft"><organization></organization><address><postal><street></street> | </address></author><author initials="I." surname="Lovecruft" fullname="Isis Lovecruft"><organization></organization><address><postal><street></street> | |||
| </postal><email>ietf@en.ciph.re</email> | </postal><email>ietf@en.ciph.re</email> | |||
| </address></author><author initials="G." surname="Tankersley" fullname="George Tankersley"><organization></organization><address><postal><street></street> | </address></author><author initials="G." surname="Tankersley" fullname="George Tankersley"><organization></organization><address><postal><street></street> | |||
| </postal><email>ietf@gtank.cc</email> | </postal><email>ietf@gtank.cc</email> | |||
| </address></author><author initials="F." surname="Valsorda" fullname="Filippo Valsorda"><organization></organization><address><postal><street></street> | </address></author><author initials="F." surname="Valsorda" fullname="Filippo Valsorda"><organization></organization><address><postal><street></street> | |||
| </postal><email>ietf@filippo.io</email> | </postal><email>ietf@filippo.io</email> | |||
| </address></author><date year="2023" month="October" day="14"></date> | </address></author><date year="2023" month="November"></date> | |||
| <area>Internet</area> | ||||
| <workgroup>Crypto Forum</workgroup> | <workgroup>Crypto Forum</workgroup> | |||
| <keyword>cryptographic group</keyword> | <keyword>cryptographic group</keyword> | |||
| <keyword>cryptography</keyword> | <keyword>cryptography</keyword> | |||
| <keyword>Curve25519</keyword> | <keyword>Curve25519</keyword> | |||
| <keyword>ecc</keyword> | <keyword>ecc</keyword> | |||
| <keyword>edwards448</keyword> | <keyword>edwards448</keyword> | |||
| <keyword>elliptic curve</keyword> | <keyword>elliptic curve</keyword> | |||
| <keyword>elliptic curve cryptography</keyword> | <keyword>elliptic curve cryptography</keyword> | |||
| <keyword>nonmalleable encodings</keyword> | <keyword>nonmalleable encodings</keyword> | |||
| <keyword>prime-order</keyword> | <keyword>prime-order</keyword> | |||
| skipping to change at line 112 ¶ | skipping to change at line 112 ¶ | |||
| <section anchor="notation-and-conventions-used-in-this-document"><name>Notation and Conventions Used in This Document</name> | <section anchor="notation-and-conventions-used-in-this-document"><name>Notation and Conventions Used in This Document</name> | |||
| <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", | <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", | |||
| "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", | "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", | |||
| "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document | "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document | |||
| are to be interpreted as described in BCP 14 <xref target="RFC2119"></xref> <xref target="RFC8174"></xref> | are to be interpreted as described in BCP 14 <xref target="RFC2119"></xref> <xref target="RFC8174"></xref> | |||
| when, and only when, they appear in all capitals, as shown here.</t> | when, and only when, they appear in all capitals, as shown here.</t> | |||
| <t>Readers are cautioned that the term "Curve25519" has varying | <t>Readers are cautioned that the term "Curve25519" has varying | |||
| interpretations in the literature and that the canonical meaning of the | interpretations in the literature and that the canonical meaning of the | |||
| term has shifted over time. Originally, it referred to a specific | term has shifted over time. Originally, it referred to a specific | |||
| Diffie–Hellman key exchange mechanism. Use shifted over time, and | Diffie-Hellman key exchange mechanism. Use shifted over time, and | |||
| "Curve25519" has been used to refer to the abstract underlying | "Curve25519" has been used to refer to the abstract underlying | |||
| curve, its concrete representation in Montgomery form, or the | curve, its concrete representation in Montgomery form, or the | |||
| specific Diffie–Hellman mechanism. This document uses the term | specific Diffie-Hellman mechanism. This document uses the term | |||
| "Curve25519" to refer to the abstract underlying curve, as recommended | "Curve25519" to refer to the abstract underlying curve, as recommended | |||
| in <xref target="Naming"></xref>. The abstract Edwards form of the curve we refer to here | in <xref target="Naming"></xref>. The abstract Edwards form of the curve we refer to here | |||
| as "Curve25519" is referred to in <xref target="RFC7748"></xref> as "edwards25519", | as "Curve25519" is referred to in <xref target="RFC7748"></xref> as "edwards25519", | |||
| and the Montgomery form that is isogenous to the Edwards form is | and the Montgomery form that is isogenous to the Edwards form is | |||
| referred to in <xref target="RFC7748"></xref> as "curve25519".</t> | referred to in <xref target="RFC7748"></xref> as "curve25519".</t> | |||
| <t>Elliptic curve points in this document are represented in extended | <t>Elliptic curve points in this document are represented in extended | |||
| Edwards coordinates in the <tt>(x, y, z, t)</tt> format <xref target="Twisted"></xref>, also called | Edwards coordinates in the <tt>(x, y, z, t)</tt> format <xref target="Twisted"></xref>, also called | |||
| extended homogeneous coordinates in <xref target="RFC8032" sectionFormat="of" section="5.1.4"></xref>. Field | extended homogeneous coordinates in <xref target="RFC8032" sectionFormat="of" section="5.1.4"></xref>. Field | |||
| elements are values modulo p, the Curve25519 prime 2<sup>255</sup> - 19 or the | elements are values modulo p, the Curve25519 prime 2<sup>255</sup> - 19 or the | |||
| edwards448 prime 2<sup>448</sup> - 2<sup>224</sup> - 1, as specified in Sections | edwards448 prime 2<sup>448</sup> - 2<sup>224</sup> - 1, as specified in Sections | |||
| skipping to change at line 811 ¶ | skipping to change at line 811 ¶ | |||
| <front> | <front> | |||
| <title>Decaf: Eliminating cofactors through point compression</title> | <title>Decaf: Eliminating cofactors through point compression</title> | |||
| <author fullname="Mike Hamburg" initials="M." surname="Hamburg"> | <author fullname="Mike Hamburg" initials="M." surname="Hamburg"> | |||
| <organization>Rambus Cryptography Research</organization> | <organization>Rambus Cryptography Research</organization> | |||
| </author> | </author> | |||
| <date year="2015"></date> | <date year="2015"></date> | |||
| </front> | </front> | |||
| </reference> | </reference> | |||
| <reference anchor="Ed25519ValidCrit" target="https://hdevalence.ca/blog/2020-10-04-its-25519am"> | <reference anchor="Ed25519ValidCrit" target="https://hdevalence.ca/blog/2020-10-04-its-25519am"> | |||
| <front> | <front> | |||
| <title>It’s 255:19AM. Do you know what your validation criteria are?</title> | <title>It's 255:19AM. Do you know what your validation criteria are?</title> | |||
| <author fullname="Henry de Valence" initials="H" surname="de Valence"></author> | <author fullname="Henry de Valence" initials="H" surname="de Valence"></author> | |||
| <date year="2020" month="October" day="4"></date> | <date year="2020" month="October" day="4"></date> | |||
| </front> | </front> | |||
| </reference> | </reference> | |||
| <reference anchor="MoneroVuln" target="https://jonasnick.github.io/blog/2017/05/23/exploiting-low-order-generators-in-one-time-ring-signatures/"> | <reference anchor="MoneroVuln" target="https://jonasnick.github.io/blog/2017/05/23/exploiting-low-order-generators-in-one-time-ring-signatures/"> | |||
| <front> | <front> | |||
| <title>Exploiting Low Order Generators in One-Time Ring Signatures</title> | <title>Exploiting Low Order Generators in One-Time Ring Signatures</title> | |||
| <author fullname="Jonas Nick" initials="J." surname="Nick"></author> | <author fullname="Jonas Nick" initials="J." surname="Nick"></author> | |||
| <date year="2017" month="May"></date> | <date year="2017" month="May"></date> | |||
| </front> | </front> | |||
| End of changes. 5 change blocks. | ||||
| 6 lines changed or deleted | 6 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||