Questions tagged [fips]
10 questions
5
votes
3 answers
How to reconstruct low order bits of $t$ of CRYSTALS-Dilithium from a small number of signatures?
In FIPS 204 (https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.ipd.pdf): "The vector $\textbf{t}$ is compressed in the actual public key by dropping the $d$ least significant bits from each coefficient, thus producing the polynomial vector…
Jong Hyeok Lee
- 51
- 1
4
votes
1 answer
Enhanced Miller Rabin outcome for composite numbers
I'm going through the Enhanced MR test cited in FIPS 186-5, in which it is mentioned that a composite number can be COMPOSITE WITH FACTOR or COMPOSITE AND NOT A POWER OF A PRIME.
When I tested this on the same modulus for longer number (approx…
sg777
- 485
- 1
- 4
- 13
2
votes
1 answer
Iteration count for (enhanced) Miller-Rabin
In FIPS 186-5 (Digital Signature Standard or DSS) there is a Table B.1 which specifies the minimum number of rounds of Miller-Rabin testing for 1024, 1536 and 2048 bit keys, used for digital signatures. That's already an update to FIPS 186-4 which…
Maarten Bodewes
- 96,351
- 14
- 169
- 323
1
vote
1 answer
Order of point on elliptic curve vs order of base field
I'm looking at the FIPS-186 standard. On page 88, it gives a table recommending the size of the base field for the elliptic curve versus the order $n$ of a point on the curve. The numbers don't seem to make sense. For example it says if the bit…
cryptolearner
- 11
- 1
1
vote
1 answer
What is the Standard to protect classified, Secret and Top Secret information?
Para 3 of Security Requirements for Cryptographic Module (FIPS 140-2) specifies the requirements that will be satisfied by a crypto module protecting sensitive but unclassified information.
What are the standards to protect classified, Secret and…
crypt
- 2,522
- 22
- 33
1
vote
1 answer
Enhanced MR test understanding the steps in detail
I'm going through the Enhanced MR test cited in FIPS 186-5. I have a couple of questions regarding the following steps:
4.5 $z = b^m \pmod w.$
4.6 $\textrm{If }((z = 1)\textrm{ or }(z = w - 1)), \textrm{then go to step }4.15.$
Q.1 Since $b$ is coprime…
sg777
- 485
- 1
- 4
- 13
1
vote
0 answers
Is there any OpenSSL 3.x API for enabling and disabling FIPS mode?
I'm checking to see if there is any API or mechanism to enable or disable the FIPS mode at run time.
Currently the only way to change the FIPS mode is to enable the algorithm_sect (default_properties =…
Zoeb Vora
- 11
- 1
1
vote
1 answer
Could FIPS 186-5 A.1.6 method generate P and Q with different bit size?
Referring to the FIPS 186-5 document, I have a question about the RSA key generation A.1.6 method, "Generation of Probable Primes with Conditions Based on Auxiliary". My understanding is that this method sets a restriction on the size of the auxiliary prime only,…
gx16
- 45
- 3
0
votes
0 answers
Unable to verify ECDSA signature between cryptography libraries. BouncyCastle FIPS C# and System.Security.Cryptography
I've been looking to replace some cryptography services that use the standard .NET implementations with the BouncyCastle FIPS C# library. I've got RSA and PSS working but I'm struggling to understand an issue with Elliptical Curve.
As some groundwork…
Joe
- 1
0
votes
1 answer
What's wrong with BIP32 from NIST's perspective?
BIP32 is listed as Non-Approved Security Functions (see page 29 in 1). I could not find any problem with the primitives used in BIP32.
HMAC-SHA512: This is a FIPS-approved algorithm (see page 25 in 1).
secp256k1:
This curve is allowed to be used…
user
- 313
- 2
- 8