ECC and smartcards

NIIBE Yutaka gniibe at fsij.org
Fri Feb 15 15:18:21 CET 2013


On 2013-02-15 at 13:53 +0100, Werner Koch wrote:
> How is ECDH implemented by other smartcard specs?

I don't have some spec of ECC smartcard at hand.  However, I could
guess.

Since such devices are highly recommended to follow standards and
validation programs, I'm sure that implementations have the interface
of ECC CDH (which is standard).

If it's better for OpenPGP card specification not to specific to
OpenPGP, how about One-Pass Diffie-Hellman method C(1, 1, ECC CDH)
only?  What PSO:DECRYPT command does is getting KEK, and it's
gpg-agent to use KEK to get SESSION-KEY.

This means that I don't need to implement AESwrap (unwrap, in fact)
for Gnuk.  Then, it's mostly ready.
-- 





More information about the Gnupg-devel mailing list