FIPS Object Module 2.0 - Compliance with 186-3

John Foley Mon, 09 Jul 2012 12:56:16 -0700

According to the NIST web site, the 2.0 FIPS Object Module claimscompliance for FIPS 186-3 using the "Extra Random Bits" method for ECpublic key generation. This is taken from:


http://csrc.nist.gov/groups/STM/cavp/documents/dss/ecdsaval.html#270

The extra random bits method is defined in FIPS 186-3 Appendix B.4.1.After inspecting EC_KEY_generate_key(), it's not clear how therequirements in appendix B.4.1 have been met. The following code fromEC_KEY_generate_key() appears to be used to generate a random number tobe used as the private key.


    do
        if (!BN_rand_range(priv_key, order))
            goto err;
    while (BN_is_zero(priv_key));

Can someone explain how this complies with appendix B.4.1, which statesan additional 64 bits of random data should be generated when derivingthe key?


Thank you.

<<attachment: foleyj.vcf>>

FIPS Object Module 2.0 - Compliance with 186-3

Reply via email to