Actaully here I need to write the hash function which generate the 448 bit hash value. By looking into openssl I did not find any hash function which can generate the 448 bit. Do we have any library function for generating 448 bit hash value?
On 18 December 2012 08:18, jeetendra gangele <gangele...@gmail.com> wrote: > Yes i used from ec/ecdhtest.c. > If you see the ECDH_compute_key in last argument It need some hash > function to sign the shared secret. > And here I need 256 bit secret key,that will be point on curve?. > That why I tried to use here sha256,because sha1 is 20bytes . > > Also ECDH_compute_key for this fun I did not find much detail. > Do you know how can I get x,y cordinate from public point i mean which > API to use? > > > > On 18 December 2012 04:36, Dave Thompson <dthomp...@prinpay.com> wrote: >>> From: owner-openssl-us...@openssl.org On Behalf Of jeetendra gangele >>> Sent: Monday, 17 December, 2012 13:17 >> >>> HI for ECDH can I use the HAs256 algorithm. >>> >>> I have gone through the inside DS and written this piece of code and >>> it worked also. >>> But here how can U sesha256 ,when i used i am getting the error. >>> How can i use here sha256? >>> >> <snip> >>> aout = ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(ecdh2), >>> ecdh, KDF1_SHA1); >> >> What is KDF1_SHA1? If it's copied from ec/ecdhtest.c or apps/speed.c, >> that's designed to use SHA1; if you want something else, change it. >> I'm not sure why it's even there; the comment in speed.c says it was >> in a tls-ecc draft, but it is NOT in 4492. I don't know of any other >> ECDH (or DH) applications that apply a nontrivial KDF directly to >> the agreement; if they do key derivation, it's somewhere else. >> >> Note that if you use a 163-bit curve as you coded, you won't get more >> than about 80 bits of security strength out of it no matter how you >> hash it, and that is now considered inadequate by most authorities. >> If you use your commented version with p521, and sha256 or maybe 384, >> you can get 256-bit strength, IF your keys actually have at least 256 >> bits of entropy going in. But no one actually needs 256-bit strength, >> and it's often a distraction from much more serious flaws elsewhere. >> >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org - ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
