ECC Brainpool Curves for Transport Layer Security (TLS)
draft-merkle-tls-brainpool-01
| The information below is for an old version of the document |
| Document |
Type |
|
Active Internet-Draft (individual in sec area)
|
|
Last updated |
|
2013-06-21
(latest revision 2013-05-13)
|
|
Stream |
|
IETF
|
|
Intended RFC status |
|
Informational
|
|
Formats |
|
pdf
htmlized (tools)
htmlized
bibtex
|
|
Reviews |
|
|
| Stream |
WG state
|
|
(None)
|
|
Document shepherd |
|
Dan Harkins
|
|
Shepherd write-up |
|
Show
(last changed 2013-06-20)
|
| IESG |
IESG state |
|
AD Evaluation::Revised I-D Needed
|
|
Consensus Boilerplate |
|
Unknown
|
|
Telechat date |
|
|
|
Responsible AD |
|
Sean Turner
|
|
Send notices to |
|
johannes.merkle@secunet.com, manfred.lochter@bsi.bund.de, draft-merkle-tls-brainpool@tools.ietf.org, dharkins@lounge.org
|
Network Working Group J. Merkle
Internet-Draft secunet Security Networks
Updates: 4492 (if approved) M. Lochter
Intended status: Informational Bundesamt fuer Sicherheit in der
Expires: November 14, 2013 Informationstechnik (BSI)
May 13, 2013
ECC Brainpool Curves for Transport Layer Security (TLS)
draft-merkle-tls-brainpool-01
Abstract
This document specifies the use of several ECC Brainpool elliptic
curves for authentication and key exchange in the Transport Layer
Security (TLS) protocol.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 14, 2013.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Merkle & Lochter Expires November 14, 2013 [Page 1]
Internet-Draft ECC Brainpool Curves for TLS May 2013
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Values to be Used in the Supported Elliptic Curve Extension . 4
3. Security Considerations . . . . . . . . . . . . . . . . . . . 5
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
5. Intellectual Property Rights . . . . . . . . . . . . . . . . . 7
6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
6.1. Normative References . . . . . . . . . . . . . . . . . . . 8
6.2. Informative References . . . . . . . . . . . . . . . . . . 8
Appendix A. Test Vectors . . . . . . . . . . . . . . . . . . . . 10
A.1. 256 Bit Curve . . . . . . . . . . . . . . . . . . . . . . 10
A.2. 384 Bit Curve . . . . . . . . . . . . . . . . . . . . . . 11
A.3. 512 Bit Curve . . . . . . . . . . . . . . . . . . . . . . 11
Merkle & Lochter Expires November 14, 2013 [Page 2]
Internet-Draft ECC Brainpool Curves for TLS May 2013
1. Introduction
In [RFC5639], a new set of elliptic curve groups over finite prime
fields for use in cryptographic applications was specified. These
groups, denoted as ECC Brainpool curves, were generated in a
verifiably pseudo-random way and comply with the security
requirements of relevant standards from ISO [ISO1] [ISO2], ANSI
[ANSI1], NIST [FIPS], and SecG [SEC2].
Usage of elliptic curves for authentication and key agreement in TLS
1.0 and TLS 1.1 is defined in [RFC4492]. While the ASN.1 object
identifiers defined in [RFC5639] already allow usage of the ECC
Brainpool curves for TLS (client or server) authentication through
reference in X.509 certificates according to [RFC3279], their
negotiation for key exchange according to [RFC4492] requires the
definition and assignment of additional NamedCurve IDs. This
document specifies such values for three curves from [RFC5639].
Merkle & Lochter Expires November 14, 2013 [Page 3]
Internet-Draft ECC Brainpool Curves for TLS May 2013
2. Values to be Used in the Supported Elliptic Curve Extension
According to [RFC4492], the Supported Elliptic Curve Extension allows
the negotiation of elliptic curve groups during a handshake starting
a new TLS session. A client that proposes ECC cipher suites in its
ClientHello message SHOULD include this extension to indicate the
elliptic curves it supports through NamedCurve IDs, and a server that
receives a ClientHello containing this extension MUST use the
client's enumerated capabilities to guide its selection of an
Show full document text