Pascal Urien <[email protected]> writes: >I found in NIST Special Publication 800-56A Revision 3 > >5.6.2.3.1 FFC Full Public-Key Validation Routine >2. Verify that 1 = y q mod p.
This only works for FIPS 186-style DH values where q is present, not PKCS #3
values as used in SSH and SSL/TLS. Only TLS-LTS sends the q value allowing
this check.
Peter.
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
