[Cryptography Team] ECC and/or NSA Suite B?
Ron Teitelbaum
Ron at USMedRec.com
Fri Nov 24 22:52:14 UTC 2006
What I see in this guide is a mention of ECC as a TLS protocol. Not much
else. That matches what I saw earlier.
I sent a email to the TLS task force and got this as a reply:
http://en.wikipedia.org/wiki/Elliptic_curve_cryptography#Open-source_impleme
ntations My guess is that we will be able to move forward but we need to do
it carefully to make sure we implement the right stuff so that we can
redistribute it properly. Also if we need special permission/licensing then
we should get that before posting code to the repository. It's very cool!
Thanks Tim for getting this ball rolling.
I'll try to summarize what we found next week and send it off to our lawyer
for an opinion. Thank you everyone for your help in figuring this out. If
you find more information or have time to summarize what you found please
keep the emails coming.
Ron Teitelbaum
> -----Original Message-----
> From: cryptography-bounces at lists.squeakfoundation.org
> [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> Cerebus
> Sent: Friday, November 24, 2006 4:02 PM
> To: Cryptography Team Development List
> Subject: Re: Re: [Cryptography Team] ECC and/or NSA Suite B?
>
> On 11/24/06, Matthew S. Hamrick <mhamrick at cryptonomicon.net> wrote:
> > Actually, they're distinct sets. FIPS-140 supports ECDSA, but not
> > EQMV or EQDH.
>
> DH, ECDH, MQV, and ECMQV key establishment is covered in FIPS 140-2
> Implementation Guidance, section 7.1.
>
> http://csrc.nist.gov/cryptval/140-1/FIPS1402IG.pdf
>
> (Don't ask me why this is under CSRC's 140-*1* directory, but it *is*
> the 140-2 guidance.)
>
> > Another thing to note... FIPS-140 supports ciphers that are insecure.
> > Namely, DES.
>
> Not since 19 May 2005, when DES was formally withdrawn. DES is no
> longer allowed.
>
> -- Tim
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
More information about the Cryptography
mailing list