Saturday, October 1, 2016

ACCESS POINTS

HyperTransport on Opteron

HyperTransport is a high speed 16-bit serial bus, providing (at full speed) a bi-directional bus with 3.2GB/sec of bandwidth each way, for 6.4GB/sec total. With 3 such links on any given Opteron processor, 2 for communication with other Opteron processors in the system and the third for communication with any external services provided by other I/O ASIC's in the system.

HyperTransport also supports tunnelling, so that any I/O ASIC attached to the I/O HT link on the Opteron processor can tunnel the bus traffic to another serially connected I/O ASIC on that same HT link. For a proper example, think about a system that provides AMD's 131 PCI-X segment bridge connected via HyperTransport, then their 8111 I/O hub connected to the other side of the 8131. The bus traffic travels like so:


Opteron <-16 bit-=""> AMD 8131 <-8 bit-=""> AMD 8111
The HyperTransport serial bus along with tunnelling, lets the processor communicate with the 8111 bridge via the 8131 segment bridge, with very little latency. Everything connected to the 8111 is visible and active as far as the Opteron CPU is concerned. Further 8131's, or any other HyperTransport tunnel ASIC, can also be connected to the far side of the first 8131 too if needed. Obviously, bus saturation and latency becomes a limiting factor as far as bus traffic and performance is concerned, but the bus is that extensible if need be.
The 2 further HT links for CPU to CPU communication allow multi way Opteron systems to be created. Given that the bus is low latency and high bandwidth, adding further Opteron processors to a multi way system increases performance at a much larger rate than any other SMP x86 system. And since the bus for inter CPU communication resides on the processor itself, with the bus protocol itself intelligent to allow efficient signalling and tunnelling, your aren't limited by the chipset and all communication doesn't flow through one piece of silicon.
NUMA allows each CPU to only talk to the CPU it needs to, via the shortest HT link path and you don't need an I/O ASIC system capable of the 51.2GB/sec of potential inter CPU bandwidth on an 8-way Opteron system. The CPU does it all, at low latency and high speed, the actual operating system intervention required for the NUMA abstraction to occur is very little, compared to traditional multi processor systems based around x86 hardware.
The last thing worth talking about with regards to HyperTransport on Opteron, which I won't specifically cover in this article due to the hardware on test, is that HyperTransport bus bandwidth now has the ability to affect future graphics performance. In current systems, with something like the AMD 8151 AGP HyperTransport tunnel, the speed of the bus link to the processor can affect AGP graphics performance. And with HyperTransport unable to provide identical latency to all devices on a given bus, it's essential that AGP bridges, or any other graphics bus (PCI Express?) in the future, be placed as the first HyperTransport device on the I/O bus of the Opteron processor, for maximum performance.
So we know about x86-64 basics, HyperTransport and all the enhancements to the K7 core that give Opteron/K8 its power when running current code (both 32 and 64 bit), lets take a look at a real life implementation, a quite special one at that. 


https://www.comway.dk/en-gb/network/access-points 

ACESS PONITS 
http://hexus.net/business/reviews/enterprise/626-amd-opteron/?page=6 
at No comments:

Frequency Analysis: Breaking the Code

The Method
The methodology behind frequency analysis relies on the fact that in any language, each letter has its own personality. The most obvious trait that letters have is the frequency with which they appear in a language. Clearly in English the letter "Z" appears far less frequently than, say, "A". In times gone by, if you wanted to find out the frequencies of letters within a language, you had to find a large piece of text and count each frequency. Now, however, we have computers that can do the hard work for us. But in fact, we don't even need to do this step, as for most languages there are databases of the letter frequencies, which have been calculated by looking at millions of texts, and are thus very highly accurate.
From these databases we find that "E" is the most common letter in English, appearing about 12% of the time (that is just over one in ten letters is an "E"). The next most common letter is "T" at 9%. The full frequency list is given by the graph below.
Picture
This chart shows the frequencies with which each letter appears in the English language. It clearly shows that "e" is the most common, followed by a small cluster of other common letters.
Picture
The frequencies of letters appearing in the English language, in order from most common to least.
We can use this information to help us break a code given by a Monoalphabetic Substitution Cipher. This works because, if "e" has been encrypted to "X", then every "X" was an "e". Hence, the most common letter in the ciphertext should be "X".
Thus, if we intercept a message, and the most common letter is "P", we can guess that "P" was used to encrypt "e", and thus replace all the "P"'s with "e". Of course, not every text has exactly the same frequency, and as seen above, "t" and "a" have high frequencies too, so it could be that "P" was one of those. However, it is unlikely to be "z" as this is rare in the English Language. By repeating this process we can make good progress in breaking a message.
If we were to just put all the letters in order, and replace them as in the frequencies, it would likely produce jibberish. The codebreaker has to use other "personality traits" of the letters to decrypt the message. This may include looking at common pairs of letters (or digraphs): there aren't many 2 letter words; there are only a few letters which appear as doubles (SS, EE, TT, OO and FF being the most common). There are only two sensical words made of a single letter in English. Other common words also start to appear as you make some substitutions. For example "tKe" might appear frequently after making substitutions for "t" and "e". This is very likely to be "the", a very common word in English. There is a list of useful statistics for the english language available here.
The process of frequency analysis uses various subtle properties of the language, and for this reason, it is near impossible to have a computer do all the work. Inevitably, an element of human input is necessary in this process to make educated decisions about which letters to substitute.http://crypto.interactive-maths.com/frequency-analysis-breaking-the-code.html
 
http://www.counton.org/explorer/codebreaking/frequency-analysis.php 
 
 
at No comments:
ShiftRow and InvShiftRow change the order of bytes within a 16 byte (128 bit) word. Both transformations involve only changing the order of signals, and therefore they can be implemented using routing only, and do not require any logic resources, such as Configurable Logic Blocks (CLBs) or dedicated RAM. MixColumn / InvMixColumn influences usually the cipher area very much. Therefore, we proceeded further with the resource sharing for these blocks. In order to significantly decrease the area of MixColumn / InvMixColumn , a joint implementation described in detail in the Ref. [19] is proposed in Fig. 5. The four inputs and four outputs represent single bytes. Four identical blocks like that one shown in Fig. 5, constitute the MixColumn block diagram. KeyAddition is a bitwise XOR of two 128 bit words. The implementation of the encryption and decryption combined unit is shown in Fig. 6. It requires realization of five component operations: Substitution , ShiftRow , InvShiftRow , MixColumn , and KeyAddition . The values of the selection signals selEncDec , selData , selMode , and selReg for the multiplexers are also described. The architecture shown in Fig. 6 is very compact and is based on the resource sharing for two blocks Substitution and MixColumn in order to achieve minimum area of the circuit. It has been proven from simulations and further on from implementation that by using the resource sharing of these blocks the area of the circuit is with 16% less. ShiftRow and InvShiftRow do not require any logic resources in FPGA implementation. The Rijndael cipher in OCB/ECB modes of operation was first described in Verilog, and his description verified using the Verilog-XL simulator from Cadence Design Systems. Test vectors from the reference software implementations were used for debugging and verification of Verilog codes. The revised Verilog code became an input to Xilinx ISE Series 4.1 i software performing the logic synthesis, mapping, placing, and routing. In order to fit the whole circuit in one FPGA device Virtex II XC2V1000-4, the option for the Xilinx ISE Series 4.1 i software was set to small area and the design has been flatten. These tools generated reports describing the area and speed of implementation, a netlist used for timing simulations, and a bitstream to be used to program the FPGA device Virtex II XC2V1000-4 [22]. The software [23] used to provide test vectors for OCB mode of operation was written in C and C CC and is available at Rogaway’s home page. The test vectors as well as the variables of a pipeline with five inputs ( n Z 5 in Fig. 3) containing 74 blocks of data encrypted in OCB are represented in Fig. 7. For simplicity, key, nonce, and plaintext are all set to zero. The timing simulation results of the test vectors were performed with the key KeyIn [0:15] and the input Input [0:15] set to zero, as shown in Fig. 8. ModeOperation and EncDec are ‘1/0’ logic for OCB/ECB and encryption/ decryption, respectively. Length [4:0] shows the number of remaining blocks of data and Counter [11:0] displays the number of packages. The maximum number of packages transmitted in WLANs is 4095 and therefore 12 bits are needed for coding. NewKey is ‘1’ logic whenever is desired to load an external key. The reset of the circuit is synchronous through reset while start and done are part of the handshaking protocol. In order to program the FPGA, a SUN workstation was connected to the Insight Virtex II Development Kit board [24]. The board was connected to the Logic Analysis System Agilent 16702B [25] which provided and displayed signals during measurements. The experimental results are shown in Fig. 9. The results of the FPGA implementation are summarized in Table 1. The throughput of the circuit in OCB mode is given by:
Go to publication
 
https://www.researchgate.net/figure/274954631_fig1_Fig-8-Timing-simulation-in-Cadence-Verilog-XL-at-50-MHz-clock-frequency-showing-the 
at No comments:

What is the use of PFS(Perfect Forward Secrecy) in IPSEC tunnel and how to enable it on the Aruba controller ?

How to check PFS is enabeld or disabled:
 
(Aruba7210) #show crypto-local ipsec-map
 
Crypto Map Template"test" 100
         IKE Version: 1
         IKEv1 Policy: All
         Security association lifetime seconds : [300 -86400]
         Security association lifetime kilobytes: N/A
         PFS (Y/N): N                                                                        <-- disabled="" here="" is="" pfs="" span="">
         Transform sets={ default-transform }
         Peer gateway: 0.0.0.0
         Interface: VLAN 0
         Source network: 0.0.0.0/0.0.0.0
         Destination network: 0.0.0.0/0.0.0.0
         Pre-Connect (Y/N): N
         Tunnel Trusted (Y/N): N
         Forced NAT-T (Y/N): N
 
How to enable PFS for IPSEC tunnel:
 
(Aruba7210) #configure terminal
(Aruba7210) (config) #crypto-local  ipsec-map test 100
(Aruba7210) (config-ipsec-map)#  set pfs
 
Note: If we decide to enable PFS(As a additional Security for IPSEC tunnel), then we need to enable it on both the end(Initiator and Responder).
 
 
 
at No comments:

Using Supported Elliptic Curves Extension with CyaSSL

Using Supported Elliptic Curves Extension with CyaSSL
 
We are back to talk about TLS extensions again. Today we present the addition of Supported Elliptic Curves on CyaSSL!

RFC 4492 introduces five new ECC-based key exchange algorithms for TLS: ECDH_ECDSA, ECDHE_ECDSA, ECDH_RSA, ECDHE_RSA and ECDH_anon. However, it may be desirable in constrained environments to only support a limited number of curves. When a client uses this extension, servers that understands it MUST NOT negotiate the use of an ECC cipher suite unless they can complete the handshake while respecting the choice of curves specified by the client. This eliminates the possibility that a negotiated ECC handshake will be subsequently aborted due to a client’s inability to deal with the server’s ECC key.

To enable the usage of Supported Elliptic Curves in CyaSSL you can simply do:

./configure --enable-supportedcurves

Using Supported Elliptic Curves on the client side requires additional function calls, which should be one of the following functions:

CyaSSL_CTX_UseSupportedCurve();
CyaSSL_UseSupportedCurve();

CyaSSL_CTX_UseSupportedCurve() is most recommended when the client would like to enable Supported Curves for all sessions. Setting the Supported Elliptic Curves extension at context level will enable it in all SSL objects created from that same context from the moment of the call forward.

CyaSSL_UseSupportedCurve() will enable it for one SSL object only, so it's recommended to use this function when there is no need for Supported Elliptic Curves on all sessions.

These functions can be called more than once to indicate the support of multiple curves.

On the server side no call is required. The server will automatically attend to the client's request selecting ECC cipher suites only if the supported curves are allowed.

All TLS extensions can also be enabled with:

./configure --enable-tlsx

https://www.wolfssl.com/wolfSSL/Blog/Entries/2014/2/5_Using_Supported_Elliptic_Curves_Extension_with_CyaSSL.html
at No comments:

Mercurial > prosody-modules / files

files

/mod_s2s_keysize_policy/ default tip
drwxr-xr-x

[up]  
-rw-r--r-- 2016-10-01 01:09 +0200 1175 README.markdown file | revisions | annotate
-rw-r--r-- 2016-10-01 01:09 +0200 1512 mod_s2s_keysize_policy.lua file | revisions | annotate

 https://hg.prosody.im/prosody-modules/file/tip/mod_s2s_keysize_policy
                                                   
at No comments: 
The methods for the generation of the parameters and complete security
  proofs regarding the security requirements specified in section 2.1
  are given in [EBP].

3.1 Parameters for 160 bit curves

  Curve-ID: brainpoolP160r1
  p = E95E4A5F737059DC60DFC7AD95B3D8139515620F
  A = 340E7BE2A280EB74E2BE61BADA745D97E8F7C300
  B = 1E589A8595423412134FAA2DBDEC95C8D8675E58
  x = BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC3
  y = 1667CB477A1A8EC338F94741669C976316DA6321
  q = E95E4A5F737059DC60DF5991D45029409E60FC09
  h = 1

  #Twisted curve
  Curve-ID: brainpoolP160t1 
  Z = 24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B
  A' = E95E4A5F737059DC60DFC7AD95B3D8139515620C
  B' = 7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380
  x = B199B13B9B34EFC1397E64BAEB05ACC265FF2378
  y = ADD6718B7C7C1961F0991B842443772152C9E0AD
  q = E95E4A5F737059DC60DF5991D45029409E60FC09
  h = 1

3.2 Parameters for 192 bit curves

  Curve-ID: brainpoolP192r1
  p = C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297
  A = 6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF
  B = 469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9
  x = C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD6
  y = 14B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F
  q = C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1
  h = 1

  #Twisted curve
  Curve-ID: brainpoolP192t1
  Z = 1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB
  A' = C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294
  B' = 13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79
  x = 3AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129
  y = 97E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9
  q = C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1
  h = 1

3.3 Parameters for 224 bit curves

  Curve-ID: brainpoolP224r1
  p = D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF
  A = 68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43
  B = 2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B
  x = D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D
  y = 58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD
  q = D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F
  h = 1

  #Twisted curve
  Curve-ID: brainpoolP224t1 
  Z = 2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F
  A' = D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC
  B' = 4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D
  x = 6AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D580
  y = 374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C
  q = D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F
  h = 1

3.4 Parameters for 256 bit curves

  Curve-ID: brainpoolP256r1
  p = A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377
  A = 7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9
  B = 26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6
  x = 8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262
  y = 547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997
  q = A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7
  h = 1

  #Twisted curve
  Curve-ID: brainpoolP256t1
  Z = 3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0
  A' = A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374
  B' = 662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04
  x = A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4
  y = 2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE
  q = A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7
  h = 1


3.5 Parameters for 320 bit curves

  Curve-ID: brainpoolP320r1
  p =
  D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412
  B1F1B32E27
  A =
  3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375
  A97D860EB4
  B =
  520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4
  AC8FB1F1A6
  x =
  43BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D
  0D39E20611
  y =
  14FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245
  D1692E8EE1
  q =
  D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E9869155
  5B44C59311
  h = 1

  #Twisted curve
  Curve-ID: brainpoolP320t1
  Z =
  15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB
  7496F3C7B1
  A' =
  D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412
  B1F1B32E24
  B' =
  A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FE
  F422340353
  x =
  925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F6
  24A21BED52
  y =
  63BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0
  455FB0D2C3
  q =
  D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E9869155
  5B44C59311
  h = 1

3.6 Parameters for 384 bit curves

  Curve-ID: brainpoolP384r1
  p =
  8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A7
  29901D1A71874700133107EC53
  A =
  7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA581
  4A503AD4EB04A8C7DD22CE2826
  B =
  4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390
  295DBC9943AB78696FA504C11
  x =
  1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E0
  3436D646AAEF87B2E247D4AF1E
  y =
  8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646
  217791811142820341263C5315
  q =
  8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6
  AF6B7FC3103B883202E9046565
  h = 1

  #Twisted curve
  Curve-ID: brainpoolP384t1
  Z =
  41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63D
  BC87BCCDDCCC5DA39E8589291C
  A' =
  8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A7
  29901D1A71874700133107EC50
  B' =
  7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA
  263B88805CED70355A33B471EE
  x =
  18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF19
  1B946A5F54D8D0AA2F418808CC
  y =
  25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408
  584DC2B2912675BF5B9E582928
  q =
  8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6
  AF6B7FC3103B883202E9046565
  h = 1

3.7 Parameters for 512 bit curves

  Curve-ID: brainpoolP512r1
  p =
  AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B
  009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3
  A =
  7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D
  5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA
  B =
  3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7
  B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723
  x =
  81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F
  78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822
  y =
  7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE
  494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892
  q =
  AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C
  414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069
  h = 1

  #Twisted curve
  Curve-ID: brainpoolP512t1
  Z =
  12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D9
  0BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB
  A' =
  AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B
  009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0
  B' =
  7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA
  2304976540F6450085F2DAE145C22553B465763689180EA2571867423E
  x =
  640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51
  735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA
  y =
  5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D99321
  84BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332
  q =
  AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C
  414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069
  h = 1

4 Object identifiers for the elliptic curve domain parameters

  The root of the tree for the object identifier of the domain
  parameters defined in this specification is given by

     ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1) 
     identifified-organization(3) teletrust(36) algorithm(3) 
     signature-algorithm(3) ecSign(2) 8}

  The object identifier ellipticCurve represents the tree containing the
  object identifiers for each set of domain parameters specified in this
  RFC. It has the following value:

     ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1} 
 
http://www.ecc-brainpool.org/download/draft-lochter-pkix-brainpool-ecc-00.txt 
at No comments:
Subscribe to: Posts (Atom)