Discrete-Logarithm-Based Cryptography
Functions
This section introduces Intel® Integrated Performance
Primitives (Intel® IPP) Cryptography functions allowing for different
operations with Discrete Logarithm (DL) based cryptosystem over a prime finite
field GF(
p
). The functions are mainly based
on the [IEEE P1363A] standard. Implementation of the Digital
Signature operations is based on [FIPS PUB 186-2]. The Diffie-Hellman (DH) Agreement scheme
is based on [X9.42].
All functions described in this section employ the
IppsDLPState
context as
operational vehicle that carries domain parameters of the DL cryptosystem, a
pair of keys, and working buffers.
The application code intended for executing typical
operations should perform the following sequence of operations:
- Call the functionDLPGetSizeto get the size required to configure theIppsDLPStatecontext.
- Ensure that the required memory space is properly allocated. With the allocated memory, call theDLPInitfunction to initialize the context of the DL-based cryptosystem.
- Set domain parameters of the DL-based cryptosystem by calling theDLPSetfunction, or generate domain parameters by calling theDLPGenerateDSAorDLPGenerateDH.
- Call one of the functionsDLPSignDSA,DLPVerifyDSA, andDLPSharedSecretDHto compute digital signature, to verify authenticity of the digital signature, and to compute the shared element accordingly.
- Clean up secret data stored in the context.
- Free the memory allocated for theIppsDLPStatecontext by calling the operating system memory free service function unless the context is no longer needed.
The
IppsDLPState
context is
position-dependent. The
DLPPack/DLPUnpack
functions transform the position-dependent context to a position-independent
form and vice versa.