Change DRBG from SHA-2-384 to SHA-2-512 used in the ECC Key Derivation

chipsalliance / caliptra-rtl

HW Design Collateral for Caliptra RoT IP

Apache License 2.0

64 stars 36 forks source link

Change DRBG from SHA-2-384 to SHA-2-512 used in the ECC Key Derivation #526

Open JohnTraverAmd opened 4 months ago

JohnTraverAmd commented 4 months ago

The DRBG used within Caliptra needs to be changed from SHA-2-384 to SHA-2-512. Tests must be updated to meet the new requirements.

bharatpillilli commented 3 months ago

Not an option for 1.x; this is a 2.0 topic given where we are.

bharatpillilli commented 1 month ago

@mojtaba-bisheh to look into this for 2.0 and we will mark it approved after the analysis

mojtaba-bisheh commented 1 week ago

@bharatpillilli Since CMVP removed the prohibition of using SHA2-384 for DRBG, and based on our discussion about DICE key derivation, we can close this issue.