Giter Club home page Giter Club logo

Comments (2)

dengert avatar dengert commented on July 18, 2024 1

14 card drivers in OpenSC have support for RSA 3072. But you need a card/token with applet that supports RSA 3072.
NIST sp800-73-1 in 2006 defined it for PIV, but it was dropped in later versions. It looks like it is coming back.

grep "_sc_card_add_rsa_alg(card,.*3072" card-*

from opensc.

frankmorgner avatar frankmorgner commented on July 18, 2024 1

I assume you are referring specifically to the PIV card driver as NIST SP 800-78-5 is about Cryptographic Algorithms and Key Sizes for Personal Identity Verification

From the ChangeLog, I read the following:

In 2023, Revision 5 updates incorporate the following changes:
• Table 1 reflects additional higher strength keys with at least 128-bit security and suggested sunsets of lower sized keys by 2030 in anticipation of the recommended migration to 128-bit security strength in 2031.
• Accommodation of the Secure Messaging Authentication key
• Deprecation of the symmetric card authentication key
• Deprecation of 3TDEA algorithm with identifiers ‘00’ and ‘03’
• Removal of the retired RNG from CAVP PIV component testing where applicable

The only new feature added is the PIV Secure Messaging key. As far as I read the code, we're currently only supporting the pairing code for key establishment with PIV SM being disabled by default.

AFAICT, the new version should be supported if we add support for the asymmetric PIV SM key.

from opensc.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.