Open AndreasFuchsTPM opened 4 years ago
AndreasFuchsTPM
commented
4 years ago Apparently https://de.wikipedia.org/wiki/Elliptic_Curve_Integrated_Encryption_Scheme is the way to go. So no support for plain ECDH via encrypt. Encoding still pending.
tstruk
commented
4 years ago Doesn't this require TPM2 v1.63?
AndreasFuchsTPM
commented
4 years ago TPM2_ECDH_ZGen exists on all TPMs, doesn't it ? The ECIES-Scheme can then be done in software.
AndreasFuchsTPM
commented
4 years ago I want this to be compliant to openssl, but they don't support it yet: https://github.com/openssl/openssl/issues/9314#issuecomment-508724551 Apparently, too many governers.
I guess we'll have to wait. If there's urgent desire, please post here and maybe we can have our own "intermediate" encoding or we export plain ECDH...
AndreasFuchsTPM
commented
4 years ago Moving to 3.2 since this has not seen the foundational work needed yet, so unlikely to make it
frostzou
commented
3 years ago Hi, as for ECC encryption, will it be supported in the future?
If yes, do we have a general timeline?
williamcroberts
commented
3 years ago Hi, as for ECC encryption, will it be supported in the future?
If yes, do we have a general timeline?
I think when we figure out how it works, we can do it. We are looking at adding support in the tools, and have a general understanding of the operation. @idesai is leading that charge, but it's on the back burner over there as well for some currently pressing matters.
AndreasFuchsTPM
commented
3 years ago @williamcroberts @idesai Could you give me a pointer to the concrete spec/mode you wanne use ?
williamcroberts
commented
3 years ago @williamcroberts @idesai Could you give me a pointer to the concrete spec/mode you wanne use ?
I think we're in the same boat, I think its something to do with the zgen routines, because that seems to do the point multiplication of an input with the private portion of the key. Which AFAICT is encryption. But we want to make sure our tools work with OpenSSL, so we have a lot of path finding to do.
mansetagunj
commented
3 years ago Thanks for resurrecting this thread! :) I am interested in getting this feature as well and experiment a few things around it.
williamcroberts
commented
2 years ago @AndreasFuchsTPM is this still something we're targeting for 3.3?
0140454
commented
1 year ago Hi,
Since the default profile for FAPI is P_ECCP256SHA256 now, is ECC encryption will be implemented in the future?
Thank you
Fapi_Encrypt/_Decrypt currently do not support ECC keys. I'd like to add those.
Question: How do we do that, given the current APIs https://github.com/tpm2-software/tpm2-tss/blob/ebfe77b41e677de6cd808e3155fe43d606951143/include/tss2/tss2_fapi.h#L331-L338 https://github.com/tpm2-software/tpm2-tss/blob/ebfe77b41e677de6cd808e3155fe43d606951143/include/tss2/tss2_fapi.h#L350-L356
I guess we could take plainText and XOR it with the Z-Value and then put the ephemeral-pubkey concatenated with the XOR'd plainText into the cipherText. For cases of plain ECDH, people could then put a bunch of 0 into the cipherText and thereby receive the plain Z-Value ?
Question is how to encode this stuff in the cipher-text. Of course TPM2_ECC_POINTS are an option, but there must be more common ones out there.
But since I guess I'm not the first to come up with this; how do other libs do that ?