Fips 140-2 change re X25519

Hubert Kario hkario at redhat.com
Tue Apr 2 11:57:52 UTC 2024


On Friday, 29 March 2024 23:19:47 CET, Salz, Rich wrote:
> Last month, X25519 became no longer usable for FIPS key 
> establishment. This became official with the withdrawal of FIPS 
> 186-4 on February 3.
>  
> We can work around it by calling the API to set allowed curves, 
> but I wonder if the project is planning on updating the 140-2 
> module and security policy?

Sorry, but I'm super confused.

FIPS 186-4 doesn't reference Ed25519, Curve25519, or X25519 at all.
FIPS 186-5 specifies only _signing_ algorithms, not key exchange or
key agreement algorithms. It doesn't cover ECDH or X25519 at all.
It only includes Curve25519 as part of EdDSA.

The document that does specify KEX, NIST SP 800-56Ar3, doesn't
reference Curve25519 at all.

So, how does the current status of FIPS 186-4 have any effect on
the possibility of using X25519 in FIPS mode?
-- 
Regards,
Hubert Kario
Principal Quality Engineer, RHEL Crypto team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00, Brno, Czech Republic


