Fingerprint mismatch for 384-bit ECDH keys generated on SmartCards
NIIBE Yutaka
gniibe at fsij.org
Wed Mar 13 01:27:27 CET 2019
Trevor Bentley via Gnupg-devel <gnupg-devel at gnupg.org> wrote:
> I would assume that the definition in ecdh.c should have been
> CIPHER_ALGO_AES192...
I agree.
In the Section 13 of RFC-6637, an implementation SHOULD use symmetric
key size 192 for ECC strength of 384. It also says that (a stronger
hash algorithm or) a stronger symmetric key algorithm MAY be used, so,
use of CIPHER_ALGO_AES256 was not 100% wrong, and is considered OK (if
it matches the behavior on smartcard).
I fixed ecdh.c for master.
> I did verify that changing it fixes the mismatch and allows importing
> into OpenKeychain. But maybe changing it now breaks all existing
> keys?
IIUC, kek_params_table is only used for key generation. How does the
change break existing keys? I wonder.
--
More information about the Gnupg-devel
mailing list