On Mon, Aug 22, 2016 at 10:48 PM, Tony Arcieri <[email protected]> wrote:
> On Mon, Aug 22, 2016 at 4:48 PM, Phillip Hallam-Baker < > [email protected]> wrote: > >> I suggested followups to the [email protected] mailing list rather than >> CFRG though. >> > > Ok, CC'd! That said, here's a followup: > > I was kind of confused why you cite RFC7748, but then go on to explain > things in terms of classical Diffie-Hellman. > A limitation in my development environment. I have classical DH and NIST curves. But I don't have the new curves or the abilty to do the EC math outside the crypto library so I can't to the recryption at the mo. As far as an ECC-based approach goes, I think something like the multiparty > Signal protocol[1] is a good starting point for how to solve the general > problem, and, as far as I can tell, addresses most of the concerns you > cited as a motivation. > > The specific approach you detailed could be adapted to ECC as well. > > [1] I'm not sure there's a more recent overview than this, which is > probably out-of-date: https://whispersystems.org/blog/private-groups/ > > The math is very similar and they can probably adapt very easily. The difference is that their problem statement is for synchronous communication with all the parties present for the key exchange. Recryption allows the asynchronous case to be supported as well. The CDC problem is essentially the problem of how do I mark a document with a security label in a way that the administrator of the security label can grant access to a new reader by adding them to the label. I will read up on that though, thanks!
_______________________________________________ Endymail mailing list [email protected] https://www.ietf.org/mailman/listinfo/endymail
