OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

pkcs11 message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [pkcs11] CKM_ECDH_AES_KEY_WRAP w/ pkcs11-kdf-ecdh impact

Hi 

In the case we move forward with pkcs11-kdf-ecdh as proposed by Mike, then pkcs11-ckm-ecdh-aes-key-wrap proposal would need to be updated to avoid usage of CKM_ECDH1_DERIVE .

Attached is an update to the pkcs11-ckm-ecdh-aes-key-wrap  document  to illustrate how it may look like, in such a case. However, I am not updating the ecdh proposal yet, until a decision is made on the pkcs11-kdf-ecdh .

Doron



-----Original Message-----
From: pkcs11@lists.oasis-open.org [mailto:pkcs11@lists.oasis-open.org] On Behalf Of Michael StJohns
Sent: Wednesday, July 10, 2013 11:49 PM
To: pkcs11@lists.oasis-open.org
Subject: [pkcs11] CKM_ECDH_AES_KEY_WRAP vote


The new mechanism uses CKM_ECDH1_DERIVE as the underlying ECDH mechanism.

During 2.30 we changed the text for CK_ECDH1_DERIVE_PARAMS to remove an ambiguity on what the format of the provided public key (from the other
side) was.  It turned out that there were at least two different interpretations including treating it as an ASN1 encoded EC_POINT and as an X9.63 public key (1 byte of format), and possibly three (raw x and y values without the format).

What we probably should have done was deprecate the mechanism and create two new ones with the new interpetation (ala what we did with PBKDF2).

In addition, the current mechanisms don't include definitions for generic KDFs and for the SP800-56A ECDH variants.


pkcs11-kdf-ecdh addresses those issues.

For CKM_ECDH_AES_KEY_WRAP, I'd like to actually defer this if there's 
any chance we're going to deprecate CKM_ECDH1_DERIVE and its ilk and 
then rewrite it so it can use either the X9.63 or the SP800-56A ECDH 
variants.

Mike


The information contained in this electronic mail transmission 
may be privileged and confidential, and therefore, protected 
from disclosure. If you have received this communication in 
error, please notify us immediately by replying to this 
message and deleting it from your computer without copying 
or disclosing it.

Attachment: pkcs11-ckm-ecdh-aes-key-wrap-r1-6-wKDF change.doc
Description: pkcs11-ckm-ecdh-aes-key-wrap-r1-6-wKDF change.doc

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]