ecc.c data structures

Sergi Blanch i Torné sergi at calcurco.cat
Mon Dec 28 12:03:25 CET 2009


On Monday 28 December 2009 11:09:56 am Werner Koch wrote:
> With the draft you probably mean the OpenPGP ECC draft.
>
> This is not relevant for Libgcrypt.  Libgcrypt has and should not have
> an idea of a concrete crypto protocol.  What Libgcrypt provides are
> cryptographic building blocks and not protocol implementations.

yes, current draft http://tools.ietf.org/id/draft-jivsov-openpgp-ecc-04.txt

The algorithm makes a hash using a key derivation function (KDF, section 7) 
using a counter, the x coordinate of the share point and a concatenation that 
includes the receiver fingerprint:
Param = curve_OID_len || curve_OID || public_key_alg_ID ||
           01 || KDF_hash_ID || AES_alg_ID for AESKeyWrap ||
          "AnonymousSender" || recipient_fingerprint

I don't know how to find the last element of this concatenation.

Sooner or later this KDF has to live out of the ecc module like the aeswrap 
does.

/Sergi.



More information about the Gcrypt-devel mailing list