RE: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver

[RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Daniele Alessandrelli <hidden> · 2020-12-17
[RFC PATCH 1/6] crypto: engine - Add KPP Support to Crypto Engine · Daniele Alessandrelli <hidden> · 2020-12-17
[RFC PATCH 2/6] crypto: ecc - Move ecc.h to include/crypto/internal · Daniele Alessandrelli <hidden> · 2020-12-17
[RFC PATCH 3/6] crypto: ecc - Export additional helper functions · Daniele Alessandrelli <hidden> · 2020-12-17
[RFC PATCH 4/6] crypto: ecdh - Add Curve ID for NIST P-384 · Daniele Alessandrelli <hidden> · 2020-12-17
[RFC PATCH 5/6] dt-bindings: crypto: Add Keem Bay ECC bindings · Daniele Alessandrelli <hidden> · 2020-12-17
Re: [RFC PATCH 5/6] dt-bindings: crypto: Add Keem Bay ECC bindings · Rob Herring <robh@kernel.org> · 2020-12-21
[RFC PATCH 6/6] crypto: keembay-ocs-ecc - Add Keem Bay OCS ECC Driver · Daniele Alessandrelli <hidden> · 2020-12-17
RE: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · "Reshetova, Elena" <elena.reshetova@intel.com> · 2021-01-04
Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Herbert Xu <herbert@gondor.apana.org.au> · 2021-01-04
RE: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · "Reshetova, Elena" <elena.reshetova@intel.com> · 2021-01-04
RE: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · "Reshetova, Elena" <elena.reshetova@intel.com> · 2021-01-14
Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Ard Biesheuvel <ardb@kernel.org> · 2021-01-14
RE: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · "Reshetova, Elena" <elena.reshetova@intel.com> · 2021-01-18
Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Ard Biesheuvel <ardb@kernel.org> · 2021-01-18
RE: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · "Reshetova, Elena" <elena.reshetova@intel.com> · 2021-01-19
Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Alessandrelli, Daniele <hidden> · 2021-01-20
Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Ard Biesheuvel <ardb@kernel.org> · 2021-01-21
Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Alessandrelli, Daniele <hidden> · 2021-01-21
Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Herbert Xu <herbert@gondor.apana.org.au> · 2021-01-21
Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver · Alessandrelli, Daniele <hidden> · 2021-01-22

From: "Reshetova, Elena" <elena.reshetova@intel.com>
Date: 2021-01-04 08:05:18
Also in: linux-devicetree

2. The OCS ECC HW does not support the NIST P-192 curve. We were planning to
   add SW fallback for P-192 in the driver, but the Intel Crypto team
   (which, internally, has to approve any code involving cryptography)
   advised against it, because they consider P-192 weak. As a result, the
   driver is not passing crypto self-tests. Is there any possible solution
   to this? Is it reasonable to change the self-tests to only test the
   curves actually supported by the tested driver? (not fully sure how to do
   that).

An additional reason against the P-192 SW fallback is the fact that it can 
potentially trigger unsafe behavior which is not even "visible" to the end user
of the ECC functionality. If I request (by my developer mistake) a P-192 
weaker curve from ECC Keem Bay HW driver, it is much safer to return a
"not supported" error that proceed behind my back with a SW code
implementation making me believe that I am actually getting a HW-backed up
functionality (since I don't think there is a way for me to check that I am using
SW fallback). 

Best Regards,
Elena

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help