VE 07KeyMgmt: Difference between revisions

Line 46: Line 46:
ECDSA public and private keys are generated using the method specified in ANSI X9.62-1998.
ECDSA public and private keys are generated using the method specified in ANSI X9.62-1998.


'''Security of key generation method:''' The seed-key, ''XKEY'', of the Approved RNG is 256 bits. The keys generated by the NSS cryptographic module have at most 256 bits of security. (See NIST [http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1.pdf Special Publication (SP) 800-57 Part 1], Table 2 in Section 5.6.1 on page 63.) Therefore, compromising the security of the key generation method (e.g., guessing the seed value to initialize the Approved RNG) requires at least as many operations as determining the value of the generated key.
'''Security of key generation method:''' The keys generated by the NSS cryptographic module have at most 256 bits of security. (See NIST [http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1.pdf Special Publication (SP) 800-57 Part 1], Table 2 in Section 5.6.1 on page 63.) Therefore, compromising the security of the key generation method (e.g., guessing the seed value to initialize the Approved RNG) requires at least as many operations as determining the value of the generated key.


The initial value of ''XKEY'' is derived using the following procedure.
The initial value of ''XKEY'' is derived using the following procedure.
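Review bot: The "Therefore" conclusion in the '''Security of key generation method''' paragraph has no stated premise in the version that omits "The seed-key, ''XKEY'', of the Approved RNG is 256 bits." The claim that guessing the seed costs at least as much as determining a generated key only follows once the seed length is given next to the 256-bit ceiling on key strength. The next line also refers to ''XKEY'' as if it had already been introduced. Suggest keeping the seed-size sentence, or stating the 256-bit seed length at the start of the ''XKEY'' derivation procedure so the comparison stays verifiable.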