Closed Bug 1912828 Opened 10 months ago Closed 9 months ago

Skip pairwise consistency check for ephemeral ECDH keys

Categories

(NSS :: Libraries, enhancement, P3)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: jschanck, Assigned: jschanck)

Details

Attachments

(1 file)

Bug 1912828 - define CKM_NSS_ECDHE_NO_PAIRWISE_CHECK_KEY_PAIR_GEN. r=#nss-reviewers
48 bytes, text/x-phabricator-request
Details | Review

Section 5.6.2.1.4 of SP 800-56A rev. 3 (page 36) states that the owner of a static ECC key pair (d, Q) shall compute dG and compare it with Q prior to using the key. Softoken performs some group operations (not exactly these ones, see sftk_PairwiseConsistencyCheck) for all ECC key pairs, both static and ephemeral.

We should save some effort in TLS handshakes by defining a PKCS#11 mechanism for ephemeral key pairs that avoids the pairwise consistency check.

Attachment #9418892 - Attachment description: Bug 1912828 - define CKM_NSS_TLS_ECDHE_KEY_PAIR_GEN to improve TLS performance. r=#nss-reviewers → Bug 1912828 - define CKM_NSS_ECDHE_NO_PAIRWISE_CHECK_KEY_PAIR_GEN. r=#nss-reviewers

https://hg.mozilla.org/projects/nss/rev/e22ffb85ee6805e194ea9d88d187482400398635

Status: NEW → RESOLVED
Closed: 9 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: