[Cryptech Tech] Key wrap in HW

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Jun 19 06:23:20 UTC 2018

Joachim Strömbergson <joachim.strombergson at assured.se> writes:

>The key issue I see is how key wrapping is used in the Alpha. Are we
>wrapping/unwrapping single keys? Or are wrapping/unwrapping performed on a
>bunch of keys as they belong to the same plaintext? 

Another issue, specific to what's described in RFC 3394, is that this
documents an algorithm invented by someone, or perhaps multiple someones (the
PRNG^H^H^H^HDRBG stuff was serialised design by committee) at NIST for use
with AES, for purposes unknown (there was no pressing need for it in any of
the main Internet security standards that I know of).  So the question is
really, why are you wrapping symmetric keys, and who will be consuming them?
Only after you've figured out your use cases can you really decide which
format do you want to use.


More information about the Tech mailing list