[146903] in cryptography@c2.net mail archive
Re: [Cryptography] [cryptography] SSH uses secp256/384r1 which has
daemon@ATHENA.MIT.EDU (Alexander Klimov)
Mon Sep 9 09:07:40 2013
Date: Mon, 9 Sep 2013 14:07:58 +0300
From: Alexander Klimov <alserkli@inbox.ru>
To: Daniel <kyhwana@gmail.com>
In-Reply-To: <CACt_CW=iDot69-vuFjd5oeT2YiY5=YuhsRtemB-BAoMMkeUuhA@mail.gmail.com>
Cc: Cryptography List <cryptography@metzdowd.com>, cryptography@randombit.net

On Mon, 9 Sep 2013, Daniel wrote:

> Is there anyone on the lists qualified in ECC mathematics that can
> confirm that?

NIST SP 800-90A, Rev 1 says:

  The Dual_EC_DRBG requires the specifications of an elliptic curve and
  two points on the elliptic curve. One of the following NIST approved
  curves with associated points shall be used in applications requiring
  certification under [FIPS 140]. More details about these curves may
  be found in [FIPS 186], the Digital Signature Standard.

> And what ramifications it has, if any..

No. They are widely used curves and thus a good way to reduce
conspiracy theories that they were chosen in some malicious way to
subvert DRBG.

--
Regards,
ASK