ECC CDH (KAS)

Neil Proctor np at acronisscs.com
Wed Oct 9 11:32:53 UTC 2019


Hello,

I had a question regarding the ECC CDH (KAS) algorithm listed on Page 15 of https://www.openssl.org/docs/fips/SecurityPolicy-2.0.15.pdf

Which mode is used for the Key Agreement Scheme?

Full Unified
Full MVQ
Ephemeral Unified
One Pass Unified
One Pass MVQ
One Pass DH
Static Unified


And which of these functions are performed?


Domain Parameter Generation
Domain Parameter Verification
Key Pair Generation
Full Validation (as specified in SP 800-131A, section 5.6.2.4 and/or 5.6.2.5)
Partial Validation (as specified in SP 800-131A, section 5.6.2.6)
Key Regeneration

I'm very new to Diffie Hellman, and I'm trying to learn more about it in regards to how it conforms with some of the NIST guidance and FIPS certification.

Thanks,

Neil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20191009/0c609997/attachment-0001.html>


More information about the openssl-users mailing list