From: M.Gream@uts.EDU.AU (Matthew Gream)
Date: Fri, 5 Aug 94 22:56:06 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Problem in draft FIPS `CRYPTOGRAPHIC SERVICE CALLS'
Message-ID: <9408060559.AA02417@acacia.itd.uts.EDU.AU>
MIME-Version: 1.0
Content-Type: text/plain



Anyone producing cryptographic software elements should take notice of
the recent FIPS draft standard on `cryptographic service calls' dated
23 May 1994. 

It attempts to define data structures and "function" calls towards the
goal of making better interoperability between applications and crypto
"libraries". However, you'll notice that both DSA and RSA modulus sizes
are constrained to a `MODULUS_SIZE ' of 64 `BYTE's (unsigned char).
This permissible maximum of 512 bits is too small, and a violation of
FIPS-186 s.4.1. amongst others.

I like this FIPS, but it would be pretty useless if it contained the
above restriction. If you're also a software developer, make a comment
to NIST on the issue, so they do change it.

Matthew.

-- 
Matthew Gream <M.Gream@uts.edu.au> -- Consent Technologies, (02) 821-2043
Disclaimer: From? \nem speaking_for(Organization?)