From: Mouse <uri...@op...> - 2005-08-19 22:25:12
|
1. It's GREAT!! Way to go! 2. I noticed that it supports only GF(2^n) - this isn't the way that standardization goes (and there could be security implications). How difficult would it be to add GF(p) support? > -----Original Message----- > > > I have implemented elliptic-curve based key exchange for racoon (as > > part of our proprietary software, in perspective). > > Great ! > > > > Attached patch introduces support for two EC2N groups, exp. 155 and > > exp 185, aka IKE group 3 and group 4. OpenSSL EC code is > used for the math. > > I would be glad if someone here reviews this patch and merges it in > > racoon source tree (or explains whats wrong if it's not accpetable). > > I won't have time to do a full review of your patch before a > few days, but it IS interesting, and EC support is something > interesting, at least for me ! > > > > Not sure about these things: > > * the way DH shared secrect is calculated > > * when sending public key, is padding required? > > I can't answer for now, we'll have to check what is said in RFCs... > > > [....] > > Any comments are much appreciated. > > > > The patch is done against 0.6.1 beta 2. > > > We will commit it on HEAD first, I don't know if it will be > included in any 0.6.x version for now. > > > Yvan. > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & > EXPO September 19-22, 2005 * San Francisco, CA * Development > Lifecycle Practices Agile & Plan-Driven Development * > Managing Projects & Teams * Testing & QA Security * Process > Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > Ipsec-tools-devel mailing list > Ips...@li... > https://lists.sourceforge.net/lists/listinfo/ipsec-tools-devel |