219
edits
VE 07KeyMgmt: Difference between revisions
m
→Key Generation
m (→Key Generation) |
|||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 20: | Line 20: | ||
#* Diffie-Hellman public keys and private keys (used for key agreement) | #* Diffie-Hellman public keys and private keys (used for key agreement) | ||
#* EC Diffie-Hellman public keys and private keys (used for key agreement) | #* EC Diffie-Hellman public keys and private keys (used for key agreement) | ||
#* TLS premaster secret (used in deriving the TLS master secret) | #* TLS premaster secret (used in deriving the TLS master secret) | ||
#* TLS master secret (used in the generation of symmetric cipher keys, IVs, and MAC secrets for TLS) | #* TLS master secret (used in the generation of symmetric cipher keys, IVs, and MAC secrets for TLS) | ||
| Line 47: | Line 46: | ||
ECDSA public and private keys are generated using the method specified in ANSI X9.62-1998. | ECDSA public and private keys are generated using the method specified in ANSI X9.62-1998. | ||
'''Security of key generation method:''' | '''Security of key generation method:''' The keys generated by the NSS cryptographic module have at most 256 bits of security. (See NIST [http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1.pdf Special Publication (SP) 800-57 Part 1], Table 2 in Section 5.6.1 on page 63.) Therefore, compromising the security of the key generation method (e.g., guessing the seed value to initialize the Approved RNG) requires at least as many operations as determining the value of the generated key. | ||
The initial value of ''XKEY'' is derived using the following procedure. | The initial value of ''XKEY'' is derived using the following procedure. | ||
| Line 140: | Line 139: | ||
=Random Number Generator= | =Random Number Generator= | ||
There is only one random number generator (RNG) used in the NSS cryptographic module. The RNG is an Approved RNG, implementing Algorithm Hash_DRBG of [http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf SP 800-90]. (The RNG validation certificate is [http://csrc.nist.gov/cryptval/rng/rngval.html#208 Cert# 208 NEEDSUPDATEFOR_3_12_X].) The Approved RNG is used within the NSS cryptographic module for all cryptographic purposes, including the generation of cryptographic keys used by an Approved security function. | There is only one random number generator (RNG) used in the NSS cryptographic module. The RNG is an Approved RNG, implementing Algorithm Hash_DRBG of [http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf NIST SP 800-90]. (The RNG validation certificate is [http://csrc.nist.gov/cryptval/rng/rngval.html#208 Cert# 208 NEEDSUPDATEFOR_3_12_X].) The Approved RNG is used within the NSS cryptographic module for all cryptographic purposes, including the generation of cryptographic keys used by an Approved security function. | ||
=Key Zeroization= | =Key Zeroization= | ||