[openssl-users] ECDSA and ECDH

Manoj Ramachandran Manoj.Ramachandran at quest-global.com
Fri Jun 2 07:00:10 UTC 2017


We are planning to designing an embedded device integrating ATECC508A module for PKI support. The embedded device is planned to communicate with a host device which will be ported with FIPS compliant OpenSSL library.  Our embedded device will be using ECDSA (FIPS 186-3)  and ECDH (FIPS SP800-56A) by calling APIs of ATECC508A SDK.  Is there any compatibility issue?

1.       Whether a digest signed using openssl library can be verified in our embedded module and vice-versa .

2.       We understand that, OpenSSL doesn't have FIPS 140-2 certification for ECDH. If we use ECDH, whether we can claim our system to be FIPS 140-2 compliant?

---Disclaimer------------------------------ This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by e-mail and delete the original message. Opinions, conclusions and other information in this transmission that do not relate to the official business of QuEST Global and/or its subsidiaries, shall be understood as neither given nor endorsed by it. Any statements made herein that are tantamount to contractual obligations, promises, claims or commitments shall not be binding on the Company unless followed by written confirmation by an authorized signatory of the Company. -----------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170602/89135bf8/attachment.html>

More information about the openssl-users mailing list