- From: Wan-Teh Chang <wtc@google.com>
- Date: Tue, 21 Aug 2012 13:48:40 -0700
- To: Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com>
- Cc: Ryan Sleevi <sleevi@google.com>, Web Cryptography Working Group <public-webcrypto@w3.org>
On Tue, Aug 14, 2012 at 9:30 AM, Vijay Bharadwaj <Vijay.Bharadwaj@microsoft.com> wrote:
> Regarding key sizes, I disagree - I think you may have picked the wrong examples for this.
>
> AES-256 is a different algorithm than AES-128; the key expansion is substantially different.
> Similarly, the EC curve is not just a matter of key size; it determines the field in which all
> operations are performed. So I don't think you can have a complete algorithm specification
> without including these two.

Hi Vijay: thank you for your comment. I understand your point.

The key size and elliptic curve name are attributes of a key, and an API can be designed so that these key attributes determine the variant of the algorithm used. This is the design used in Java and PKCS #11:

http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/util/pkcs11t.h&rev=1.22&mark=882,884#878
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/util/pkcs11t.h&rev=1.22&mark=859,861-862#856

I can't quite figure out which design is used in Windows CNG. It seems to be a mixture because I see BCRYPT_AES_ALGORITHM "AES", which does not contain the key size, and BCRYPT_ECDSA_P256_ALGORITHM, which contains the key size/curve name:

http://msdn.microsoft.com/en-us/library/windows/desktop/aa375534%28v=vs.85%29.aspx

Wan-Teh
Received on Tuesday, 21 August 2012 20:49:09 UTC
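
The design the message attributes to Java, shown with the standard JCA classes as an added example that is not part of the original message: the algorithm names carry no key size or curve, and the key's attributes select the variant. The class name, the choice of GCM mode and SHA-256, and the sample message are assumptions of this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class KeyAttributesSelectVariant {
    // One transformation string for every AES key size: the key's length picks the variant.
    static byte[] aesEncrypt(SecretKey key, byte[] iv, byte[] data) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding"); // GCM is this example's choice
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        return c.doFinal(data);
    }

    // One signature name for every curve: the curve travels with the key's parameters.
    static byte[] ecdsaSign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withECDSA");
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    public static void main(String[] args) throws Exception {
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        SecureRandom rng = new SecureRandom();

        for (int bits : new int[] {128, 256}) {
            KeyGenerator kg = KeyGenerator.getInstance("AES");
            kg.init(bits); // key size is set on the key, not in the algorithm name
            SecretKey key = kg.generateKey();
            byte[] iv = new byte[12];
            rng.nextBytes(iv); // fresh 96-bit IV per encryption
            byte[] ct = aesEncrypt(key, iv, msg);
            System.out.printf("AES key bits=%d ciphertext+tag bytes=%d%n",
                    key.getEncoded().length * 8, ct.length);
        }

        for (String curve : new String[] {"secp256r1", "secp384r1"}) {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
            kpg.initialize(new ECGenParameterSpec(curve)); // curve name is a key attribute
            KeyPair kp = kpg.generateKeyPair();
            int fieldBits = ((ECPublicKey) kp.getPublic()).getParams().getCurve().getField().getFieldSize();
            byte[] sig = ecdsaSign(kp.getPrivate(), msg);
            System.out.printf("curve=%s field bits=%d DER signature bytes=%d%n",
                    curve, fieldBits, sig.length);
        }
    }
}
```

Because the algorithm name does not state the strength in this design, code that enforces a minimum key size or an approved curve has to inspect the key itself, as the two print statements do.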