2020-12-17 03:10:03

by yumeng

[permalink] [raw]
Subject: Re: [PATCH v4 4/5] crypto: hisilicon/hpre - add 'ECDH' algorithm



在 2020/12/17 4:10, Stephan Mueller 写道:
> Am Mittwoch, dem 16.12.2020 um 10:39 +0800 schrieb yumeng:
>>
>>
>>
>>> Am Freitag, den 11.12.2020, 14:30 +0800 schrieb Meng Yu:
>>>>
>>>> +/* size in bytes of the n prime */
>>>> +#define HPRE_ECC_NIST_P128_N_SIZE      16
>>>
>>> Do we truly need P-128? Besides, I do not see that curve being defined in
>>> contemporary cipher specs.
>>>
>>>> +#define HPRE_ECC_NIST_P192_N_SIZE      24
>>>> +#define HPRE_ECC_NIST_P224_N_SIZE      28
>>>> +#define HPRE_ECC_NIST_P256_N_SIZE      32
>>>> +#define HPRE_ECC_NIST_P320_N_SIZE      40
>>>
>>> Do we truly need P-320? Besides, I do not see that curve being defined in
>>> contemporary cipher specs.
>>
>> Yes, in rfc 5903, only P-256, P-384 and P-521 is defined, but in
>> 'rfc5639' and  "SEC 2: Recommended Elliptic Curve Domain Parameters",
>> other curves like P-128, P-192, P-224, and P-320 curve parameters are
>> found, and they are used in 'openssl';
>> How about your idea?
>
> Who is going to use that curve considering that common protocols that are
> implemented in the kernel do not use it?
>
> Thanks
> Stephan
>

I see in "SEC 2: Recommended Elliptic Curve Domain ParametersVersion2.0"
that 'Recommend Elliptic Curve Domain Parameters over Fp' are secp192,
secp224, secp256, secp384, and secp521, secp128 and secp320 are not
recommended.
So you mean it's better not to include secp128 and secp320, right?

Thanks,