On Thursday, November 21, 2013 1:24:26 PM UTC-5, James Bishop wrote: > > Good evening, > > I've been trying to implement compact public key signatures for use over > low bandwidth channels. I think I've nailed down the ECNR signature with > message recovery scheme, as defined in the ISO / IEC 9796-3 standard. > > I also implemented a message recovery signature based on a modified DSA > scheme (described in Advances in Cryptology — EUROCRYPT'94 Lecture Notes > in Computer Science Volume 950, 1995, pp 182-193). > > The aim was to produce EC signatures with message recovery using private > keys stored in an HSM because DSA seems to be the only EC signature > scheme accessible through the PKCS#11 API. However I expect that FIPS > certified hardware will only produce DSA signatures with appendix. Can > anyone confirm this? >
The library can use both recovery and appendix schemes, but I don't recall if it can use PSSR with ECNR. FIPS has nothing to do with it from Crypto++'s standpoint. FIPS 140-2 will restrict signature schemes to what's in FIPS 186-3 or DSS. DSS only includes 3 schemes, and it does not include NR or ECNR. Jeff -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
