IETF-SSH archive
RE: draft-green-secsh-ecc-08: small correction
On Wed, 18 Aug 2010, Damien Miller wrote:
> On Sat, 14 Aug 2010, Peter Gutmann wrote:
>
> > All elliptic curve public keys MUST be validated after they are
> > received. An example of a validation algorithm can be found in
> > Section 3.2.2 of [SEC1]. If a key fails validation, the key exchange
> > MUST fail.
> >
> > so it appears this is already covered. The checks I have, from X9.62, are:
> >
> > /* Verify that the public key parameter sizes are valid:
> >
> > qx, qy >= MIN_PKCSIZE_ECC, qx, qy <= p - 1 */
>
> What do you use as this minimum? AFAIK SEC1 doesn't specify this check, but
> I guess it should be at least 2 and probabilistically something less than
> p/4 or so (for p of a hundred bits or more)
oops, I meant "a number about 1/4 the length of p"
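
The checks discussed in this thread, as an added example (not code from either poster or from the draft): coordinate range and curve-equation validation in the style of SEC1 3.2.2, plus an optional lower bound on coordinate length. It assumes NIST P-256; `min_bits` is a hypothetical stand-in for MIN_PKCSIZE_ECC, and `small_x_point` constructs a sample key for the demonstration.

```python
# NIST P-256 (secp256r1) domain parameters; cofactor h = 1.
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5


def validate_public_key(qx, qy, min_bits=0):
    """Return (ok, reason) for an affine public key (qx, qy) on P-256.

    min_bits is a hypothetical stand-in for the MIN_PKCSIZE_ECC lower bound
    quoted in the thread; 0 disables it, leaving only the SEC1-style checks.
    """
    # The point at infinity has no affine encoding, so a pair of integers
    # already rules it out.
    if not (isinstance(qx, int) and isinstance(qy, int)):
        return False, "coordinates must be integers"
    # Range check: both coordinates must be field elements in [0, p - 1].
    if not (0 <= qx < P and 0 <= qy < P):
        return False, "coordinate out of range"
    # Optional heuristic lower bound on coordinate length (not from SEC1).
    if min(qx.bit_length(), qy.bit_length()) < min_bits:
        return False, "coordinate shorter than min_bits"
    # Curve equation: y^2 = x^3 + a*x + b (mod p).
    if (qy * qy - (qx * qx * qx + A * qx + B)) % P != 0:
        return False, "point not on curve"
    # With cofactor 1 every affine point on the curve lies in the order-n
    # group, so n*Q = O holds without a scalar multiplication.
    return True, "ok"


def small_x_point():
    """Construct a valid point with a tiny x, to exercise the min_bits check."""
    for x in range(1, 1000):
        rhs = (x * x * x + A * x + B) % P
        y = pow(rhs, (P + 1) // 4, P)  # square root, valid since p % 4 == 3
        if y * y % P == rhs:
            return x, y
    raise ValueError("no point found")


if __name__ == "__main__":
    print(validate_public_key(GX, GY))
    print(validate_public_key(GX, GY + 1))
    x, y = small_x_point()
    print(validate_public_key(x, y))
    print(validate_public_key(x, y, min_bits=P.bit_length() // 4))
```

The constructed small-x point passes the range and curve checks but is rejected once `min_bits` is set to a quarter of the length of p, which shows the lower bound acting as a heuristic on top of the other checks.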