Mercurial > dropbear
view libtomcrypt/notes/tech0006.txt @ 1857:6022df862942
Use DSCP for IP QoS traffic classes
The previous TOS values are deprecated and not used by modern traffic
classifiers. This sets AF21 for "interactive" traffic (with a tty).
Non-tty traffic sets AF11 - that indicates high throughput but is not
lowest priority (which would be CS1 or LE).
This differs from the CS1 used by OpenSSH, it lets interactive git over SSH
have higher priority than background least effort traffic. Dropbear's settings
here should be suitable with the diffservs used by CAKE qdisc.
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 25 Jan 2022 17:32:20 +0800 |
| parents | 1b9e69c058d2 |
| children |
line wrap: on
line source
Tech Note 0006 PK Standards Compliance Tom St Denis RSA ---- PKCS #1 compliance. Key Format: RSAPublicKey and RSAPrivateKey as per PKCS #1 v2.1 Encryption: OAEP as per PKCS #1 Signature : PSS as per PKCS #1 DSA ---- The NIST DSA algorithm Key Format: HomeBrew [see below] Signature : ANSI X9.62 format [see below]. Keys are stored as DSAPublicKey ::= SEQUENCE { publicFlags BIT STRING(1), -- must be 0 g INTEGER , -- base generator, check that g^q mod p == 1 -- and that 1 < g < p - 1 p INTEGER , -- prime modulus q INTEGER , -- order of sub-group (must be prime) y INTEGER , -- public key, specifically, g^x mod p, -- check that y^q mod p == 1 -- and that 1 < y < p - 1 } DSAPrivateKey ::= SEQUENCE { publicFlags BIT STRING(1), -- must be 1 g INTEGER , -- base generator, check that g^q mod p == 1 -- and that 1 < g < p - 1 p INTEGER , -- prime modulus q INTEGER , -- order of sub-group (must be prime) y INTEGER , -- public key, specifically, g^x mod p, -- check that y^q mod p == 1 -- and that 1 < y < p - 1 x INTEGER -- private key } Signatures are stored as DSASignature ::= SEQUENCE { r, s INTEGER -- signature parameters } ECC ---- The ANSI X9.62 and X9.63 algorithms [partial]. Supports all NIST GF(p) curves. Key Format : Homebrew [see below, only GF(p) NIST curves supported] Signature : X9.62 compliant Encryption : Homebrew [based on X9.63, differs in that the public point is stored as an ECCPublicKey] Shared Secret: X9.63 compliant ECCPublicKey ::= SEQUENCE { flags BIT STRING(1), -- public/private flag (always zero), keySize INTEGER, -- Curve size (in bits) divided by eight -- and rounded down, e.g. 521 => 65 pubkey.x INTEGER, -- The X co-ordinate of the public key point pubkey.y INTEGER, -- The Y co-ordinate of the public key point } ECCPrivateKey ::= SEQUENCE { flags BIT STRING(1), -- public/private flag (always one), keySize INTEGER, -- Curve size (in bits) divided by eight -- and rounded down, e.g. 521 => 65 pubkey.x INTEGER, -- The X co-ordinate of the public key point pubkey.y INTEGER, -- The Y co-ordinate of the public key point secret.k INTEGER, -- The secret key scalar } The encryption works by finding the X9.63 shared secret and hashing it. The hash is then simply XOR'ed against the message [which must be at most the size of the hash digest]. The format of the encrypted text is as follows ECCEncrypted ::= SEQUENCE { hashOID OBJECT IDENTIFIER, -- The OID of the hash used pubkey OCTET STRING , -- Encapsulation of a random ECCPublicKey skey OCTET STRING -- The encrypted text (which the hash was XOR'ed against) } % $Source: /cvs/libtom/libtomcrypt/notes/tech0006.txt,v $ % $Revision: 1.2 $ % $Date: 2005/06/18 02:26:27 $