| 摘要 |
<p num="1"><br/><br/><br/>Improper re-use of a static Difhe-Hellman (DH) private key may leak <br/>information about the key. The leakage is prevented by a key derivation <br/>function (KDF), but standards do not agree on key derivation functions. The <br/>module for performing a DH private key operation must somehow support multiple <br/>different KDF standards. The present invention provides an intermediate <br/>approach that neither attempts to implement all possible KDF operations, nor <br/>provide unprotected access to the raw DH private key operation. Instead, the <br/>module performs parts of the KDF operation, as indicated by the application <br/>using the module. This saves the module from implementing the entire KDF for <br/>each KDF needed. Instead, the module implements only re-usable parts that are <br/>common to most DFs.Furthermore, when new KDFs are required, the module may be <br/>able to support them if they built on the parts that the module has <br/>implemented.<br/>
|
