I'd also add that any primitives we expose need to be standardized and interoperable. Does ECIES have a standard syntax/serialization/etc.?
Alex On Tue, Mar 21, 2017 at 2:14 PM, Paul Kehrer <paul.l.keh...@gmail.com> wrote: > Hi Adam, > > Thanks for the offer! Our general criteria for inclusion of new hazmat > modules is roughly: > > * It should be something people have a need for. This can be satisfied by > showing specs/protocols/etc that are in use that utilize the scheme (either > currently existing or upcoming and clearly relevant) > * It should (subject to the caveat that we do need to support the use > cases people have in real life) not be a giant footgun. Examples of things > we'd love to *not* support in cryptography but are forced to due to > popularity: RC4, PKCS1v1.5 padding, random obscure elliptic curves nobody > uses. > * There should be test vectors available to confirm correctness. > Preferably from a source like NIST if possible, but worst case generated > (and verified) via multiple alternate implementations (we have examples of > this in our docs). > * If it isn't directly implemented in OpenSSL then we need to have some > degree of confidence it can be done safely (e.g. without introducing > exploitable side channels) via composition. > > So what currently uses ECIES? > > -Paul > > > On March 21, 2017 at 12:55:18 PM, French, Adam (afre...@illumina.com) > wrote: > > Hi everyone, > > I’m currently working on a project where I need to use the cryptography > library to encrypt/decrypt a message using an elliptic curve key pair. > > The ‘Asymmetric algorithms’ -> ‘RSA’ section of the official documentation > includes sections on RSA encryption/decryption using the OAEP scheme. In > contrast, the ‘Asymmetric algorithms’ -> ‘Elliptic curve cryptography’ > section has no similar operations such as ECIES encryption and decryption. > > I’ve written an implementation of the ECIES scheme for elliptic curve key > pairs which builds on the other primitives available through the > cryptography library. > > My boss is happy for me to spend some time creating a pull request to > share the implementation with the community. Do people feel there would be > sufficient interest for this to be worthwhile? Is there a roadmap for > elliptic curve functionality that I should be aware of? It would be great > to know how the project intends to extend the elliptic curve interfaces in > the future. > > Thank you very much for your help. > > Cheers, > Adam > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev@python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev@python.org > https://mail.python.org/mailman/listinfo/cryptography-dev > > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6
_______________________________________________ Cryptography-dev mailing list Cryptography-dev@python.org https://mail.python.org/mailman/listinfo/cryptography-dev
