openssl-fips-2.0.16 : RSA key generation !!

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

openssl-fips-2.0.16 : RSA key generation !!

Hareesh D
Hi,

In the openssl-fips-2.0.16 version, I see that some validations are missing (generating probable primes P, Q as part of RSA key generation) which are mentioned in NIST.FIPS.186-4.pdf.

B.3.3 -> Process : Points 4.4, 4.7, 5.4, 5.5 and 5.8.

Can someone please confirm this behaviour.

Thanks !!
Reply | Threaded
Open this post in threaded view
|

Re: openssl-fips-2.0.16 : RSA key generation !!

Dr Paul Dale
There are transitions ahead to remove FIPS 186-2 as a standard.  At the moment all is good, later in this year some things will disappear and be invalid.
The OpenSSL project is aware of the situation but has not yet made a decision about the path to follow.  One thing we can say is that the old FOM will not be revalidated.


Pauli
-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia




On 2 Jan 2020, at 3:11 pm, Hareesh D <[hidden email]> wrote:

Hi,

In the openssl-fips-2.0.16 version, I see that some validations are missing (generating probable primes P, Q as part of RSA key generation) which are mentioned in NIST.FIPS.186-4.pdf.

B.3.3 -> Process : Points 4.4, 4.7, 5.4, 5.5 and 5.8.

Can someone please confirm this behaviour.

Thanks !!