RE: [pkcs11] Minutes 12-January-2022

Greg, all,

thanks for the minutes.

On ECDH keywrap I guess youâre citing me wrong. Itâs the opposite: the existing CKM_ECDH1_DERIVE and CKM_ECDH_AES_KEY_WRAP *do* work with Montgomery keys. Therefore, my original intention was to deprecate CKM_ECDH_AES_KEY_WRAP for Weierstrass curves only. And do this already in v3.1 â the deprecation note is already in the latest WD.

The result of the TC meeting discussion was to

Remove the deprecation note completely, i.e. deprecate existing CKM_ECDH_AES_KEY_WRAP only when we have something new (although currently it cannot be used since itâs not cleanly definedâ)
Add *two* new mechanisms, one working with Montgomery curves (i.e. actually just a new name for CKM_ECDH_AES_KEY_WRAP) and another new one working with Weierstrass curves (this is the CKM_ECDH_COF_AES_KEY_WRAP that was already in my proposal)

Correct?

What about CKM_ECDH_X_AES_KEY_WRAP for Montgomery mechanism since it uses the Xâ() function for DH (RFC7748)?

For the structure packing, Iâve just uploaded a new version.

Best,

Daniel

From: pkcs11@lists.oasis-open.org <pkcs11@lists.oasis-open.org> On Behalf Of Greg Scott
Sent: Montag, 17. Januar 2022 07:59
To: pkcs11@lists.oasis-open.org
Subject: [pkcs11] Minutes 12-January-2022

Hi Folks,

The minutes from the last meeting are available for review at https://wiki.oasis-open.org/pkcs11/MeetingMinutes01122022

Please do let me know if you spot any errors.

Regards,

-Greg

Greg Scott

E: greg.scott@cryptsoft.com

M: +61 406 255 166

pkcs11 message