intel / tinycrypt

tinycrypt is a library of cryptographic algorithms with a focus on small, simple implementation.

ECC implementation is not compliant to FIPS 186 Appendix B #12

Closed hackermnementh closed 7 years ago

hackermnementh commented 7 years ago

ECC implementation is not compliant to FIPS 186. Appendix B.4 allows either generating 64 extra bits and computing c=random mod n, or choosing random bit strings len(n) until a value less than n-2 is found and used as c. This function is only compliant if it fails when a random bit string with integer value less than n-2 is passed in.
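The two Appendix B.4 key-generation procedures the comment refers to, written out as an added Python example (not tinycrypt's code, which is C): B.4.1 with 64 surplus bits and B.4.2 with candidate rejection, beside a naive variant that neither rejects nor pads. The curve order is NIST P-256's; the `rng` parameter and the `scripted_rng` helper are assumptions so the draws can be fixed for testing.

```python
import secrets

# Group order n of NIST P-256 (a public curve constant, used as sample input).
P256_N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551


def keygen_extra_bits(n, rng=secrets.token_bytes):
    """FIPS 186-4 B.4.1: draw N+64 bits, reduce mod (n-1), then add 1.
    The 64 surplus bits make the bias of the reduction negligible."""
    bits = n.bit_length() + 64
    c = int.from_bytes(rng((bits + 7) // 8), "big") & ((1 << bits) - 1)
    return (c % (n - 1)) + 1


def keygen_rejection(n, rng=secrets.token_bytes, max_tries=64):
    """FIPS 186-4 B.4.2: draw N bits; if c > n-2 discard and redraw; d = c+1."""
    bits = n.bit_length()
    for _ in range(max_tries):
        c = int.from_bytes(rng((bits + 7) // 8), "big") & ((1 << bits) - 1)
        if c <= n - 2:  # accepted: d = c + 1 lies in [1, n-1]
            return c + 1
    raise RuntimeError("no candidate below n-1 after %d draws" % max_tries)


def keygen_naive(n, rng=secrets.token_bytes):
    """Non-compliant variant: N bits reduced mod n, no surplus bits, no
    rejection. Since 2^N > n, every residue below 2^N - n is reached by two
    bit strings and is twice as likely; 0 (an invalid key) is also possible."""
    bits = n.bit_length()
    c = int.from_bytes(rng((bits + 7) // 8), "big") & ((1 << bits) - 1)
    return c % n


def is_valid_private_key(d, n):
    """Both compliant procedures always yield d in [1, n-1]."""
    return 1 <= d <= n - 1


def scripted_rng(draws):
    """Test helper (assumption): hands out each prepared byte string in turn."""
    it = iter(draws)

    def rng(nbytes):
        buf = next(it)
        assert len(buf) == nbytes, "scripted draw has the wrong length"
        return buf

    return rng
```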

hackermnementh commented 7 years ago

Latest commits should fix this.