RE: deaft-gree-sedsh-ecc-08: small correction

To: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Subject: RE: deaft-gree-sedsh-ecc-08: small correction
From: Damien Miller <djm%mindrot.org@localhost>
Date: Wed, 18 Aug 2010 07:46:05 +1000 (EST)

On Sat, 14 Aug 2010, Peter Gutmann wrote:

>    All elliptic curve public keys MUST be validated after they are
>    received.  An example of a validation algorithm can be found in
>    Section 3.2.2 of [SEC1].  If a key fails validation, the key exchange
>    MUST fail.
> 
> so it appears this is already covered.  The checks I have, from X9.62, are:
> 
> 	/* Verify that the public key parameter sizes are valid:
> 
> 		qx, qy >= MIN_PKCSIZE_ECC, qx, qy <= p - 1 */

What do you use as this minimium? AFAIK SEC1 doesn't specify this check, but
I guess it should be at least 2 and probabalistically something less than
p/4 or so (for p of a hundred bits or more)

-d

Follow-Ups:
- RE: deaft-gree-sedsh-ecc-08: small correction
  - From: Damien Miller

References:
- RE: deaft-gree-sedsh-ecc-08: small correction
  - From: Peter Gutmann

Prev by Date: RE: deaft-gree-sedsh-ecc-08: small correction
Next by Date: RE: deaft-gree-sedsh-ecc-08: small correction
Previous by Thread: RE: deaft-gree-sedsh-ecc-08: small correction
Next by Thread: RE: deaft-gree-sedsh-ecc-08: small correction
Indexes:

Home | Main Index | Thread Index | Old Index