Re: FIPS mode
On Fri, 2003-09-05 at 19:59, Ben Laurie wrote: Mathias Brossard wrote: - Asymmetric: DSA, RSA, ECDSA Not my understanding. Anyway, DSS only. RSA can't be, and ECDSA we aren't doing. It's a little disappointing that RSA is not part of the process (it is much more common than DSA). Looking at the list of validated modules http://csrc.nist.gov/cryptval/140-1/1401val.htm I see in the field FIPS-approved algorithms the value RSA (PKCS #1, vendor affirmed). Will you as a 'vendor' claim that OpenSSL is compliant with RSA PKCS#1 ? As a side note it seems that since 09/05/2003, Crypto++ is on the list FIPS 140-2 Level 1 with certificate #343. Sincerely, -- Mathias Brossard [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: FIPS mode
Mathias Brossard wrote: On Fri, 2003-09-05 at 19:59, Ben Laurie wrote: Mathias Brossard wrote: - Asymmetric: DSA, RSA, ECDSA Not my understanding. Anyway, DSS only. RSA can't be, and ECDSA we aren't doing. It's a little disappointing that RSA is not part of the process (it is much more common than DSA). Looking at the list of validated modules http://csrc.nist.gov/cryptval/140-1/1401val.htm I see in the field FIPS-approved algorithms the value RSA (PKCS #1, vendor affirmed). Will you as a 'vendor' claim that OpenSSL is compliant with RSA PKCS#1 ? Yes. As a side note it seems that since 09/05/2003, Crypto++ is on the list FIPS 140-2 Level 1 with certificate #343. So I've heard. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: FIPS mode
Mathias Brossard wrote: It's a little disappointing that RSA is not part of the process (it is much more common than DSA). Looking at the list of validated modules http://csrc.nist.gov/cryptval/140-1/1401val.htm I see in the field FIPS-approved algorithms the value RSA (PKCS #1, vendor affirmed). Will you as a 'vendor' claim that OpenSSL is compliant with RSA PKCS#1 ? I believe that this is an artifact of the policy being adopted while the RSA patent was in force. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
testing residuosity, composite modulo
Dear list, did anyone implement a test for a given A an X exists that X ^ k == A (mod N) for a composite N = p*q with q and q being known primes? Any good math paper? thank you, Vadim __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Generating a symmetric key
Hi everyone, I'm trying to implement security in an agent based auction system (MAGNET), in which a submitter sends a bid encrypted with a session key, which in turn is encrypted using time-lock crypto. The session key is sent after the auction is complete. My problem is generating an individual symmetric key which can be used as a session key. I looked at all symmetric crypto functions, but didn't seem to find one that could generate a key on its own. Maybe I overlooked something. Anyone have any suggestions? thanks, Ashu -- http://www.jaiashu.com/ - "I would like to change the world, but they wont tell me the source code" smime.p7s Description: S/MIME Cryptographic Signature