Hello,
During package review of the fiat-crypto Rust library, I noticed that it contains an implementation of an elliptic curve (p434) which isn't mentioned on the "good" list here: https://fedoraproject.org/wiki/Legal:ECC
I also can't find any references or sources for this curve (search results for P-434, p434, and curve434 all come up empty). The only mention of "p434" with respect to cryptography is in this Microsoft project: https://github.com/microsoft/PQCrypto-SIDH
And looking at the source code, I'm not even sure whether the P-434 curve in fiat-crypto is at all related to SIKEp434 / SIDHp434 schemes that are mentioned there, other than the fact that they happen to be based on the same prime number (2^216 * 3^137 - 1).
Given that there's no mention of any elliptic curves that use p434 on the internet (that I could find), is it OK to ship it in a Fedora package, or do we need to remove it from the sources?
ref. https://bugzilla.redhat.com/show_bug.cgi?id=2005536
Fabio
On Fri, Nov 4, 2022 at 4:25 PM Fabio Valentini decathorpe@gmail.com wrote:
Hello,
During package review of the fiat-crypto Rust library, I noticed that it contains an implementation of an elliptic curve (p434) which isn't mentioned on the "good" list here: https://fedoraproject.org/wiki/Legal:ECC
I also can't find any references or sources for this curve (search results for P-434, p434, and curve434 all come up empty). The only mention of "p434" with respect to cryptography is in this Microsoft project: https://github.com/microsoft/PQCrypto-SIDH
And looking at the source code, I'm not even sure whether the P-434 curve in fiat-crypto is at all related to SIKEp434 / SIDHp434 schemes that are mentioned there, other than the fact that they happen to be based on the same prime number (2^216 * 3^137 - 1).
Given that there's no mention of any elliptic curves that use p434 on the internet (that I could find), is it OK to ship it in a Fedora package, or do we need to remove it from the sources?
The linked package review is still blocked by this issue six months later :( Any idea what I can do to move this forward?
Fabio
On Sun, Apr 30, 2023 at 7:01 AM Fabio Valentini decathorpe@gmail.com wrote:
On Fri, Nov 4, 2022 at 4:25 PM Fabio Valentini decathorpe@gmail.com wrote:
Hello,
During package review of the fiat-crypto Rust library, I noticed that it contains an implementation of an elliptic curve (p434) which isn't mentioned on the "good" list here: https://fedoraproject.org/wiki/Legal:ECC
I also can't find any references or sources for this curve (search results for P-434, p434, and curve434 all come up empty). The only mention of "p434" with respect to cryptography is in this Microsoft project: https://github.com/microsoft/PQCrypto-SIDH
And looking at the source code, I'm not even sure whether the P-434 curve in fiat-crypto is at all related to SIKEp434 / SIDHp434 schemes that are mentioned there, other than the fact that they happen to be based on the same prime number (2^216 * 3^137 - 1).
Given that there's no mention of any elliptic curves that use p434 on the internet (that I could find), is it OK to ship it in a Fedora package, or do we need to remove it from the sources?
The linked package review is still blocked by this issue six months later :( Any idea what I can do to move this forward?
Unfortunately I am pretty sure it won't be possible to get a resolution on this any time soon.
Richard
On Sun, Apr 30, 2023 at 4:05 PM Richard Fontana rfontana@redhat.com wrote:
On Sun, Apr 30, 2023 at 7:01 AM Fabio Valentini decathorpe@gmail.com wrote:
On Fri, Nov 4, 2022 at 4:25 PM Fabio Valentini decathorpe@gmail.com wrote:
Hello,
During package review of the fiat-crypto Rust library, I noticed that it contains an implementation of an elliptic curve (p434) which isn't mentioned on the "good" list here: https://fedoraproject.org/wiki/Legal:ECC
I also can't find any references or sources for this curve (search results for P-434, p434, and curve434 all come up empty). The only mention of "p434" with respect to cryptography is in this Microsoft project: https://github.com/microsoft/PQCrypto-SIDH
And looking at the source code, I'm not even sure whether the P-434 curve in fiat-crypto is at all related to SIKEp434 / SIDHp434 schemes that are mentioned there, other than the fact that they happen to be based on the same prime number (2^216 * 3^137 - 1).
Given that there's no mention of any elliptic curves that use p434 on the internet (that I could find), is it OK to ship it in a Fedora package, or do we need to remove it from the sources?
The linked package review is still blocked by this issue six months later :( Any idea what I can do to move this forward?
Unfortunately I am pretty sure it won't be possible to get a resolution on this any time soon.
Ok, so ... I'm pretty sure we actually don't *need* the affected code. Would removing all p434 related code from the sources entirely (to be on the safe side), and building the package without support for this curve, be an acceptable solution until the legal status is cleared up? All other elliptic curves that are supported by the package are explicitly listed as OK in the docs.
Fabio
On Sun, Apr 30, 2023 at 10:11 AM Fabio Valentini decathorpe@gmail.com wrote:
On Sun, Apr 30, 2023 at 4:05 PM Richard Fontana rfontana@redhat.com wrote:
On Sun, Apr 30, 2023 at 7:01 AM Fabio Valentini decathorpe@gmail.com wrote:
On Fri, Nov 4, 2022 at 4:25 PM Fabio Valentini decathorpe@gmail.com wrote:
Hello,
During package review of the fiat-crypto Rust library, I noticed that it contains an implementation of an elliptic curve (p434) which isn't mentioned on the "good" list here: https://fedoraproject.org/wiki/Legal:ECC
I also can't find any references or sources for this curve (search results for P-434, p434, and curve434 all come up empty). The only mention of "p434" with respect to cryptography is in this Microsoft project: https://github.com/microsoft/PQCrypto-SIDH
And looking at the source code, I'm not even sure whether the P-434 curve in fiat-crypto is at all related to SIKEp434 / SIDHp434 schemes that are mentioned there, other than the fact that they happen to be based on the same prime number (2^216 * 3^137 - 1).
Given that there's no mention of any elliptic curves that use p434 on the internet (that I could find), is it OK to ship it in a Fedora package, or do we need to remove it from the sources?
The linked package review is still blocked by this issue six months later :( Any idea what I can do to move this forward?
Unfortunately I am pretty sure it won't be possible to get a resolution on this any time soon.
Ok, so ... I'm pretty sure we actually don't *need* the affected code. Would removing all p434 related code from the sources entirely (to be on the safe side), and building the package without support for this curve, be an acceptable solution until the legal status is cleared up?
Yes, that's an acceptable solution in the meantime.
Richard