RE: [PATCH v5 1/3] crypto: Key-agreement Protocol Primitives API (KPP)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Herbert,

apologies, I missed this email.

> -----Original Message-----
> From: linux-crypto-owner@xxxxxxxxxxxxxxx [mailto:linux-crypto-
> owner@xxxxxxxxxxxxxxx] On Behalf Of Herbert Xu
> Sent: Tuesday, May 31, 2016 7:42 AM
> To: Benedetto, Salvatore <salvatore.benedetto@xxxxxxxxx>
> Cc: linux-crypto@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH v5 1/3] crypto: Key-agreement Protocol Primitives API
> (KPP)
> 
> On Mon, May 09, 2016 at 10:40:39PM +0100, Salvatore Benedetto wrote:
> > Add key-agreement protocol primitives (kpp) API which allows to
> > implement primitives required by protocols such as DH and ECDH.
> > The API is composed mainly by the following functions
> >  * set_params() - It allows the user to set the parameters known to
> >    both parties involved in the key-agreement session
> >  * set_secret() - It allows the user to set his secret, also
> >    referred to as his private key
> 
> Why can't we just have one function, set_secret or better yet setkey?
>

Off the top of my head, with ECDH when the user gets a EGAIN, he wants
to reset the secret key only, not the params.

> >  * generate_public_key() - It generates the public key to be sent to
> >    the other counterpart involved in the key-agreement session. The
> >    function has to be called after set_params() and set_secret()
> >  * generate_secret() - It generates the shared secret for the session
> 
> Ditto, we only need one operation and that is multiplication by the secret.

Sorry, but I don't understand your point.
We do always need one math operation with different params.

> I'm OK with you keeping them separate for kpp users so that they don't have
> to explicitly provide G but please ensure that drivers only have to implement
> one of them.

The implementation still has to know which params to use for the operation
and somehow we need to pass that information on.

Can you please help understand what your main concern is? :-)

Thanks,
Salvatore
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux