Thank you for bringing up this issue. If there is broader demand for NIST P-256, we certainly can consider adding it to the draft. In any case, it would make sense to have two different curves in the specification to facilitate interoperability testing of the cryptosuite negotiation. At this point, maybe we can work on the interoperability first and then decide on the specific curves. The selection of curves will probably require broader community input, for example from SAAG.
Tuomas -----Original Message----- From: Emu <emu-boun...@ietf.org> On Behalf Of Eduardo Inglés UM Sent: Thursday, June 20, 2019 1:23 PM To: emu@ietf.org Subject: [Emu] Support of NIST P-256 in EAP-NOOB Importance: High Hi again, I am currently implementing EAP-NOOB on Zolertia Firefly boards (https://zolertia.io/product/firefly/). The board provides hardware acceleration for ECC operations. However, currently the API only supports ECDHE with NIST P-256 and EAP-NOOB draft only mentions the cryptosuite x25519 in Section 4.1. I know that IETF likes the curve x25519, which has been specified through the CFRG process. Besides that, I see that many other platforms only support NIST P-256 in hardware. Thus, I wonder if it would be possible to support NIST P-256 to the draft? In this draft (https://tools.ietf.org/html/draft-ietf-lwig-curve-representations-06) I see that perhaps it is possible to use the code NIST P-256 for doing x25519. However, I have no coding expertise in cryptographic encoding to do that. Hence authors, do you want to support another curve? Regards, Eduardo Inglés. _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu _______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu