> >RFC 4753 documents that the shared secret obtained from an ECP Diffie-Hellman operation is the concatenation of the x and y coordinates of the derived point. > > > >Is that correct? > > Yes, I believe.
Thank you, Paul. It matters little at this point, but I am curious to hear if any other IKE implementors faced challenges with crypto libraries or service providers only generating the x coordinate. Thanks, Scott Moonen (smoo...@us.ibm.com) z/OS Communications Server TCP/IP Development http://scott.andstuff.org/ http://www.linkedin.com/in/smoonen From: Paul Hoffman <paul.hoff...@vpnc.org> To: Scott C Moonen/Raleigh/i...@ibmus, ipsec@ietf.org Date: 07/02/2009 01:28 PM Subject: Re: [IPsec] IKE's DH groups 19-21, NIST, FIPS 140-2, etc. At 3:19 PM -0400 7/1/09, Scott C Moonen wrote: >RFC 4753 documents that the shared secret obtained from an ECP Diffie-Hellman operation is the concatenation of the x and y coordinates of the derived point. > >Is that correct? Yes, I believe. >That is a little strange to me, which is why I want to double check. The y coordinate is simply a dependent variable, so including it doesn't seem to add much. It does help to keep the formats aligned. It is probably superfluous but harmless. >Assuming it is correct that IKE considers the shared secret to be the concatenation of the x and y coordinates, does this imply that IKE's use of DH groups 19, 20 and 21 cannot be made to be compliant with FIPS 140-2? No. > (Should I be asking this question somewhere else?) Yes. Ask the folks at NIST. --Paul Hoffman, Director --VPN Consortium
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
