> From: owner-openssl-us...@openssl.org On Behalf Of jeetendra gangele
> Sent: Monday, 17 December, 2012 13:17
> Hi, for ECDH can I use the SHA256 algorithm?
>
> I have gone through the inside DS and written this piece of code and
> it worked also.
> But here how can I use sha256, when I used it I am getting the error.
> How can I use sha256 here?
> <snip>
> aout = ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(ecdh2),
> ecdh, KDF1_SHA1);

What is KDF1_SHA1? If it's copied from ec/ecdhtest.c or apps/speed.c, that's designed to use SHA1; if you want something else, change it. I'm not sure why it's even there; the comment in speed.c says it was in a tls-ecc draft, but it is NOT in 4492. I don't know of any other ECDH (or DH) applications that apply a nontrivial KDF directly to the agreement; if they do key derivation, it's somewhere else.

Note that if you use a 163-bit curve as you coded, you won't get more than about 80 bits of security strength out of it no matter how you hash it, and that is now considered inadequate by most authorities. If you use your commented version with p521, and sha256 or maybe 384, you can get 256-bit strength, IF your keys actually have at least 256 bits of entropy going in. But no one actually needs 256-bit strength, and it's often a distraction from much more serious flaws elsewhere.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org