Using the Elliptic Curve Cryptography (ECC) Brainpool Curves for the Internet Key Exchange Protocol Version 2 (IKEv2)
draft-merkle-ikev2-ke-brainpool-06
Technical Summary
This memo specifies the use of new elliptic curves, generated by the ECC
Brainpool, for use in version 2 of the Internet Key Exchange. Because
version 2 of the Internet Key Exchange was ambiguous about how points on
an elliptic curve are encoded in the KE payload and what the shared
secret result of an ECDH looked like, this memo also specifies that
information when using an ECC Brainpool curve.
Working Group Summary
This memo is not a working group document but it was discussed on the
IPsec mailing list. Earlier versions of the memo discussed point
compression when encoding a point on a curve into the KE payload, but due
to opposition to point compression, that was removed. There was also
working group discussion on validation of public keys, including ECC
public keys. The draft mentions the need to validate a received ECC
public key, per working group discussion, and refers to an I-D that
specifies such validation.
Document Quality
The elliptic curves have been used in protocols other than IKE. The
test vectors in the memo have been verified by the document shepherd.
Personnel
Dan Harkins is the document shepherd.
The responsible area director is Sean Turner.