For those who care about next generation crypto directions
(like TLS 1.3 requirements and recommendations), from the
IRTF Cryptography Research Group list.
PS - A related acronym to NUMS ("Nothing Up My Sleeve")
is NUTS ("Nothing Up Their Sleeve"), an oblique reference
to some government agencies...
---------- Forwarded message ----------
From: Brian LaMacchia <bal at microsoft.com>
Date: Mon, Jun 30, 2014 at 3:58 AM
Subject: [Cfrg] Announcing the availability of the MSR Elliptic Curve
Cryptography Library for NUMS Curves
To: "cfrg at ietf.org" <cfrg at ietf.org>, "tls at ietf.org" <tls at ietf.org>
Dear members of the IRTF CFRG and the IETF TLS WG,
On behalf of the Microsoft Research ECCLib Project, I am pleased to
announce the first release of the Microsoft Research Elliptic Curve
Cryptography Library (ECCLib) for NUMS ("Nothing Up My Sleeve") curves. We
are releasing ECCLib under the Apache 2.0 License. Here is a link to the
project page and download location:
The MSR ECCLib is an efficient cryptography library that provides functions
for computing essential elliptic curve operations on a new set of
high-security curves as previously described in  and presented at the
CFRG Spring 2014 Interim Meeting (see  for a copy of the slides from
that presentation). All computations in ECCLib on secret data exhibit
regular, constant-time execution, providing protection against timing and
ECCLib supports six high-security elliptic curves proposed in , which
cover three security levels (128-, 192-, and 256-bit security) and two
curve models. The curves have a very simple and deterministic generation
with minimal room for parameter manipulation. ECCLib includes all the ECC
functions necessary to implement most popular elliptic curve-based schemes.
In particular, ECCLib supports the computation of scalar multiplication for
the six curves above in three variants:
1. Variable-base scalar multiplication (e.g., this is used for
computing the shared key in the Diffie-Hellman key exchange).
2. Fixed-base scalar multiplication (e.g., this is used for key
generation in the Diffie-Hellman key exchange).
3. Double-scalar multiplication. This operation is typically used
for verifying signatures.
As both the CFRG and the TLS WG are currently considering additional curves
for elliptic curve cryptography, we hope that this contribution (in
addition to the technical paper previously presented) will further a
thoughtful discussion concerning what new curves CFRG should recommend and
TLS should consider for inclusion. We welcome questions/comments/feedback
on this library; please send them to msrsc at microsoft.com.
Please Note: the version of ECCLib that we are releasing today is for x64
platforms with AVX and builds with the Microsoft Visual Studio toolchain.
We are actively working on both a version that builds with GCC and also a
portable C version and hope to add these to the release in the near future.
 Joppe W. Bos, Craig Costello, Patrick Longa and Michael Naehrig,
"Selecting Elliptic Curves for Cryptography: An Efficiency and Security
Analysis", Cryptology ePrint Archive: Report 2014/130. Available at:
Cfrg mailing list
Cfrg at irtf.orghttp://www.irtf.org/mailman/listinfo/cfrg
-------------- next part --------------
An HTML attachment was scrubbed...