Re: crypto-ISSUE-13: Relationship between the W3C Web Cryptography work product and the IETF JOSE WG [Web Cryptography API]

On Tue, Aug 14, 2012 at 9:30 AM, Vijay Bharadwaj
<> wrote:
> Regarding key sizes, I disagree - I think you may have picked the wrong examples for this.
> AES-256 is a different algorithm than AES-128; the key expansion is substantially different.
> Similarly, the EC curve is not just a matter of key size; it determines the field in which all
> operations are performed. So I don't think you can have a complete algorithm specification
> without including these two.

Hi Vijay: thank you for your comment. I understand your point. The key size and
elliptic curve name are attributes of a key, and an API can be designed so that
these key attributes determine the variant of the algorithm used. This is the
design used in Java and PKCS #11:,884#878,861-862#856

I can't quite figure out which design is used in Windows CNG. It seems to be
a mixture because I see BCRYPT_AES_ALGORITHM "AES", which does
not contain the key size, and BCRYPT_ECDSA_P256_ALGORITHM, which
contains the key size/curve name:


Received on Tuesday, 21 August 2012 20:49:09 UTC