diff options
author | obscuren <geffobscura@gmail.com> | 2015-02-14 06:45:38 +0800 |
---|---|---|
committer | obscuren <geffobscura@gmail.com> | 2015-02-14 06:45:38 +0800 |
commit | 396f1a0a33aaa0acf0f1381471c37dabb3caa94e (patch) | |
tree | 10f0cc27efa665d721158cd4504fe7c0a39707ae /crypto/ecies/README | |
parent | 49a739c8d647739b3d815966f8854a4e9978df56 (diff) | |
parent | 7c0f4a9b18d992166452d8cd32caaefd92b26386 (diff) | |
download | go-tangerine-396f1a0a33aaa0acf0f1381471c37dabb3caa94e.tar.gz go-tangerine-396f1a0a33aaa0acf0f1381471c37dabb3caa94e.tar.zst go-tangerine-396f1a0a33aaa0acf0f1381471c37dabb3caa94e.zip |
Add 'crypto/ecies/' from commit '7c0f4a9b18d992166452d8cd32caaefd92b26386'
git-subtree-dir: crypto/ecies
git-subtree-mainline: 49a739c8d647739b3d815966f8854a4e9978df56
git-subtree-split: 7c0f4a9b18d992166452d8cd32caaefd92b26386
Diffstat (limited to 'crypto/ecies/README')
-rw-r--r-- | crypto/ecies/README | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/crypto/ecies/README b/crypto/ecies/README new file mode 100644 index 000000000..2650c7b9f --- /dev/null +++ b/crypto/ecies/README @@ -0,0 +1,94 @@ +# NOTE + +This implementation is direct fork of Kylom's implementation. I claim no authorship over this code apart from some minor modifications. +Please be aware this code **has not yet been reviewed**. + +ecies implements the Elliptic Curve Integrated Encryption Scheme. + +The package is designed to be compliant with the appropriate NIST +standards, and therefore doesn't support the full SEC 1 algorithm set. + + +STATUS: + +ecies should be ready for use. The ASN.1 support is only complete so +far as to supported the listed algorithms before. + + +CAVEATS + +1. CMAC support is currently not present. + + +SUPPORTED ALGORITHMS + + SYMMETRIC CIPHERS HASH FUNCTIONS + AES128 SHA-1 + AES192 SHA-224 + AES256 SHA-256 + SHA-384 + ELLIPTIC CURVE SHA-512 + P256 + P384 KEY DERIVATION FUNCTION + P521 NIST SP 800-65a Concatenation KDF + +Curve P224 isn't supported because it does not provide a minimum security +level of AES128 with HMAC-SHA1. According to NIST SP 800-57, the security +level of P224 is 112 bits of security. Symmetric ciphers use CTR-mode; +message tags are computed using HMAC-<HASH> function. + + +CURVE SELECTION + +According to NIST SP 800-57, the following curves should be selected: + + +----------------+-------+ + | SYMMETRIC SIZE | CURVE | + +----------------+-------+ + | 128-bit | P256 | + +----------------+-------+ + | 192-bit | P384 | + +----------------+-------+ + | 256-bit | P521 | + +----------------+-------+ + + +TODO + +1. Look at serialising the parameters with the SEC 1 ASN.1 module. +2. Validate ASN.1 formats with SEC 1. + + +TEST VECTORS + +The only test vectors I've found so far date from 1993, predating AES +and including only 163-bit curves. Therefore, there are no published +test vectors to compare to. + + +LICENSE + +ecies is released under the same license as the Go source code. See the +LICENSE file for details. + + +REFERENCES + +* SEC (Standard for Efficient Cryptography) 1, version 2.0: Elliptic + Curve Cryptography; Certicom, May 2009. + http://www.secg.org/sec1-v2.pdf +* GEC (Guidelines for Efficient Cryptography) 2, version 0.3: Test + Vectors for SEC 1; Certicom, September 1999. + http://read.pudn.com/downloads168/doc/772358/TestVectorsforSEC%201-gec2.pdf +* NIST SP 800-56a: Recommendation for Pair-Wise Key Establishment Schemes + Using Discrete Logarithm Cryptography. National Institute of Standards + and Technology, May 2007. + http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf +* Suite B Implementer’s Guide to NIST SP 800-56A. National Security + Agency, July 28, 2009. + http://www.nsa.gov/ia/_files/SuiteB_Implementer_G-113808.pdf +* NIST SP 800-57: Recommendation for Key Management – Part 1: General + (Revision 3). National Institute of Standards and Technology, July + 2012. + http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf + |