What I didn’t say but perhaps should have is that it’s thought the NSA possesses computing capacity capable of solving the discrete log problem for prime groups of up to 1024 bits, which is why the recommended key length for RSA is now 2048 bits. However, the elliptic curve group generated by G is monocyclic, so it’s actually isomorphic to GF(n/h), and for a 256 bit elliptic curve n/h is also 256 bits, which is well within the capacity of the NSA to solve. So the real fear is not that the NIST curves may be compromised in any way, but that the NSA may possess a simple functional mapping from E(GF(p)) to GF(n/h). If that turns out to be true they can always recover your private key for a modest investment in computing resources, because they’ve got a way of running the EC calculations on a simple 256 bit prime group which they’re known to be able to solve.

In fact, it can be demonstrated mathematically that trying to compute n is equivalent to the discrete logarithm problem….

but as the linked Wikipedia article says

Popular choices for the group G in discrete logarithm cryptography are […] cyclic subgroups of elliptic curves over finite fields….

so in fact reversing multiplication in the group of an elliptic curve is not just equivalent to the discrete log problem, it is the discrete log problem in a certain class of finite group. As is pointed out in this post, there are elliptic curves where an adversary may have information that makes the discrete log problem unexpectedly easy, but the adversary is still solving the discrete log problem.
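As an added illustration of the point made in the last two comments (this is example code written for this page, not anything posted by the commenters or taken from the linked articles), the block below works on a toy curve with constructed parameters: computing Q = k·G is cheap by double-and-add, while recovering k from G and Q is exactly a discrete logarithm in the cyclic subgroup generated by G. The baby-step giant-step solver is the generic attack: it never touches the curve equation, only the group law, so it costs about the square root of the subgroup order in whatever cyclic group it is handed. It also counts #E(GF(p)) and derives the cofactor h = #E/n, so the relationship between the whole curve group and the subgroup ⟨G⟩ is explicit. The prime, the curve coefficients, the base point and the secret scalar are all made up for this example and are not a real curve.

```python
from math import isqrt

# Constructed toy parameters for illustration only (not a real curve):
# E: y^2 = x^3 + A*x + B over GF(P_MOD).  Everything is brute force.
P_MOD = 97
A, B = 2, 3
INF = None  # point at infinity, the identity element of E(GF(p))


def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0


def neg(pt):
    """Additive inverse: (x, y) -> (x, -y)."""
    return INF if pt is INF else (pt[0], (-pt[1]) % P_MOD)


def add(p1, p2):
    """Chord-and-tangent group law on affine points."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF  # P + (-P) = O; also covers doubling a point with y = 0
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD)
    lam %= P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def mul(k, pt):
    """Double-and-add scalar multiplication: the easy direction, k*pt."""
    acc, addend = INF, pt
    while k:
        if k & 1:
            acc = add(acc, addend)
        addend = add(addend, addend)
        k >>= 1
    return acc


def order(pt):
    """Smallest n > 0 with n*pt = O; <pt> is the cyclic group of order n."""
    n, cur = 1, pt
    while cur is not INF:
        cur = add(cur, pt)
        n += 1
    return n


def all_points():
    """Enumerate E(GF(p)) by brute force, infinity included."""
    pts = [INF]
    for x in range(P_MOD):
        for y in range(P_MOD):
            if on_curve((x, y)):
                pts.append((x, y))
    return pts


def bsgs(base, target, n):
    """Baby-step giant-step: find k in [0, n) with k*base == target, else None.
    Generic: uses only the group law, O(sqrt(n)) ops in any cyclic group."""
    m = isqrt(n) + 1
    baby = {}
    cur = INF
    for j in range(m):  # baby steps: remember j*base -> j
        baby.setdefault(cur, j)
        cur = add(cur, base)
    giant = neg(mul(m, base))  # each giant step subtracts m*base
    gamma = target
    for i in range(m):
        if gamma in baby:
            return (i * m + baby[gamma]) % n
        gamma = add(gamma, giant)
    return None


def demo():
    """Pick a point of maximal order, derive the cofactor, recover a scalar."""
    pts = all_points()
    g = max(pts[1:], key=order)
    n = order(g)
    h = len(pts) // n  # cofactor h = #E(GF(p)) / n
    k = (2 * n) // 3  # constructed 'private' scalar
    q = mul(k, g)  # the 'public' point
    return {"curve_order": len(pts), "n": n, "h": h, "k": k,
            "recovered": bsgs(g, q, n)}
```

Running demo() recovers the constructed scalar from the public point in roughly sqrt(n) group operations. Nothing in bsgs depends on the field the points live in, which is why the only way to do better than this on a real curve is extra structure an attacker knows about the particular group, as the comment above puts it: the adversary is still solving the discrete log problem, just in a group where it happens to be easier.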

The build environment is the standard Intel board support one.

Thank you for the quick reply. It would be helpful if the TPM2.0 code were a separate repo.

Thank you

Regards

Satish.G

The repo not updating is a huge problem, though: openssl_tpm_engine doesn’t work with any openssl above 1.0.2 because of all the openssl changes. I was thinking it might be better to split the tpm2 functions into a separate repository, so at least I can keep it updated.

I had a requirement to enable TPM 2.0 on an Intel board using Linux, and thanks for your blog page.

Following your blog page, everything was working fine up to “taking ownership of a TPM2 is to set the authorization passwords”, but I got an issue at the next step, “Using TPM2 as a keystore”, because the openssl patch provided, “https://build.opensuse.org/package/view_file/home:jejb1:Tumbleweed/openssl_tpm_engine/0005-add-TPM2-version-of-create_tpm2_key-and-libtpm2.so-e.patch?expand=1”, is not applicable.

I got the git repository from the link “https://sourceforge.net/p/trousers/openssl_tpm_engine/ci/master/tree/”

and when trying to compile I got the following errors:

create_tpm_key.c: In function ‘main’:
create_tpm_key.c:243:3: warning: implicit declaration of function ‘Trspi_Error_String’ [-Wimplicit-function-declaration]
   print_error("Tspi_Context_Create", result);
   ^
create_tpm_key.c:243:3: warning: format ‘%s’ expects argument of type ‘char *’, but argument 7 has type ‘int’ [-Wformat=]
create_tpm_key.c:248:3: warning: format ‘%s’ expects argument of type ‘char *’, but argument 7 has type ‘int’ [-Wformat=]
   print_error("Tspi_Context_Connect", result);
   ^
create_tpm_key.c:257:3: warning: format ‘%s’ expects argument of type ‘char *’, but argument 7 has type ‘int’ [-Wformat=]
   print_error("Tspi_Context_CreateObject", result);

I am not able to move ahead from this part.

Can you please help with the same?

My Observations:

1) ibmtpm974.tar.gz is for tpm_server, which listens on port 2321

2) https://github.com/PeterHuewe/linux-tpmdd — Linux kernel with Resource Manager patches

3) “tpmutils” “utils” — provides utilities to generate the keys and passwords.

4) trousers-openssl_tpm_engine — it is for create_tpm2_key() with the patch applied.

I got an error at the 4th step when trying to compile trousers-openssl_tpm_engine; it is failing without applying the patch.

And can we use “trousers-testsuite” with TPM2.0? Because trousers is nowhere used here. It has tsstests.sh; is this applicable for TPM2.0 also?

Can you please guide further?

Thank you in advance.

Regards,

Satish.G