Hi Everyone, I don't have time at the moment to check this...
FIPS 186-4 updates DSS. Confer, http://csrc.nist.gov/groups/ST/toolkit/documents/FIPS186-3_ChangeNotice041012.pdf. I want to know about "5. Processing Step Error in the Secret Number Generation for ECDSA" because Crypto++ can operate on curves with a non-0 cofactor: In Appendices B.5.1 and B.5.2, processing step 1 (i.e., N = len(q)) is incorrect. This change notice specifies the following change to step 1: “N = len(n),” ; i.e., “q” is changed to “n”. This change may be significant if the cofactor is greater than one; for the NIST-recommended curves, the cofactor is one, so in this case, both values produce the same value for N. A cofactor of 2 and 4 are common. Crypto++ operates on ANSI X9.62 and WTLS curves, and some of them have a cofactor that is quite large. We are tracking this at "Verify conformance with FIPS 186-4, Item 5 change", https://github.com/weidai11/cryptopp/issues/51. Can someone step the code and ensure the FIPS 186-4 constraint is being satisfied? Jeff -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
