<html><head><style>body{font-family:Helvetica,Arial;font-size:13px}</style></head><body style="word-wrap:break-word"><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">Hi Adam,</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto"><br></div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">Thanks for the offer! Our general criteria for inclusion of new hazmat modules is roughly:</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto"><br></div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">* It should be something people have a need for. This can be satisfied by showing specs/protocols/etc that are in use that utilize the scheme (either currently existing or upcoming and clearly relevant)</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">* It should (subject to the caveat that we do need to support the use cases people have in real life) not be a giant footgun. Examples of things we'd love to *not* support in cryptography but are forced to due to popularity: RC4, PKCS1v1.5 padding, random obscure elliptic curves nobody uses.</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">* There should be test vectors available to confirm correctness. Preferably from a source like NIST if possible, but worst case generated (and verified) via multiple alternate implementations (we have examples of this in our docs).</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">* If it isn't directly implemented in OpenSSL then we need to have some degree of confidence it can be done safely (e.g. without introducing exploitable side channels) via composition.</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto"><br></div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">So what currently uses ECIES?</div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto"><br></div><div id="bloop_customfont" style="font-family:Helvetica,Arial;font-size:13px;color:rgba(0,0,0,1.0);margin:0px;line-height:auto">-Paul</div> <br> <div id="bloop_sign_1490119357571160064" class="bloop_sign"></div> <br><p class="airmail_on">On March 21, 2017 at 12:55:18 PM, French, Adam (<a href="mailto:afrench@illumina.com">afrench@illumina.com</a>) wrote:</p> <blockquote type="cite" class="clean_bq"><span><div style="word-wrap:break-word;color:rgb(0,0,0);font-size:16px;font-family:Calibri,sans-serif"><div></div><div>
<title></title>
<div>Hi everyone,</div>
<div><br></div>
<div>I’m currently working on a project where I need to use the
cryptography library to encrypt/decrypt a message using an elliptic
curve key pair.</div>
<div><br></div>
<div>The ‘Asymmetric algorithms’ -> ‘RSA’ section of the
official documentation includes sections on RSA
encryption/decryption using the OAEP scheme. In contrast, the
‘Asymmetric algorithms’ -> ‘Elliptic curve cryptography’ section
has no similar operations such as ECIES encryption and
decryption.</div>
<div><br></div>
<div>I’ve written an implementation of the ECIES scheme for
elliptic curve key pairs which builds on the other primitives
available through the cryptography library.</div>
<div><br></div>
<div>My boss is happy for me to spend some time creating a pull
request to share the implementation with the community. Do people
feel there would be sufficient interest for this to be worthwhile?
Is there a roadmap for elliptic curve functionality that I should
be aware of? It would be great to know how the project intends to
extend the elliptic curve interfaces in the future.</div>
<div><br></div>
<div>Thank you very much for your help.</div>
<div><br></div>
<div>Cheers,</div>
<div>Adam</div>
<div>
<div id="MAC_OUTLOOK_SIGNATURE"></div>
</div>
_______________________________________________
<br>Cryptography-dev mailing list
<br><a href="mailto:Cryptography-dev@python.org">Cryptography-dev@python.org</a>
<br><a href="https://mail.python.org/mailman/listinfo/cryptography-dev">https://mail.python.org/mailman/listinfo/cryptography-dev</a>
<br></div></div></span></blockquote></body></html>