50 likes | 130 Views
AES in CMS. Jim Schaad. AES Parameters. Block Size – Fixed at 16 bytes Key Size – 128, 192 or 256 bits Proposed MUSTs 128 and 256 bits. AES Key Wrap Alogrithm. Waiting for the NSA for review Proposed MUST is 256-bit key wrap only. Key Managment. Key Transport Must support
E N D
AES in CMS Jim Schaad
AES Parameters • Block Size – Fixed at 16 bytes • Key Size – 128, 192 or 256 bits • Proposed MUSTs 128 and 256 bits
AES Key Wrap Alogrithm • Waiting for the NSA for review • Proposed MUST is 256-bit key wrap only
Key Managment • Key Transport • Must support • Must use RSA OAEP • Key Agreement • Must use ESDH with modifications • Use SHA-256 not SHA-1 • Symmetric Key • Use key wrap algorithm