New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Key strength checking for ECDSA keys #158
Comments
jsha, is this 256-bit ECDSA keys ? :) |
Yes, we'll probably require a minimum of 256 bits for ECDSA keys. I believe there may be other strength checking requirements, similar to RSA keys. This ticket is to research what checks we need, then implement them. Interested? |
After skimming through a few papers I've put together a few notes on possible checks, I'll leave them here with links to the papers for anyone interested. I got somewhat (very) confused at some points with various different namings of the public parameters and some of the finite field maths so there is no guarantee any of this is correct... (hence links to papers for confirmation/clarification)
|
Yes, this fascinating. I will do the research on what checks we need and Thank you, Thulani Sent from my trusted minion, AES-256 Nexus Phone
|
Hi, is there no one here that can do the checks in GO ? https://github.com/letsencrypt/boulder/blob/master/core/good_key.go key.X big.Int := xQ http://csrc.nist.gov/groups/ST/toolkit/documents/SP800-56Arev1_3-8-07.pdf 5.6.2.5 ECC Full Public Key Validation Routine Input:
Process:
TODO translate to GO : IF( ((-1 * [key.X , key.Y]) + [key.X , key.Y])==[key.X , key.Y] THEN [key.X , key.Y] is the infinite point and there is an error
|
In #156 I only implemented RSA strength checking so far.
The text was updated successfully, but these errors were encountered: