EC Diffie-Hellman key agreement models

You can specify an EC Diffie-Hellman agreement model, or obtain the shared secret value without deriving a key.

Token agreement scheme

The caller must have both required key tokens and both parties' identifiers, including a randomly generated nonce.

Combine the exchanged nonce and Party Info into the party identifier. (Both parties must combine this information in the same format, byte for byte, or they will derive different keys.) Then call the EC Diffie-Hellman verb, where EC means Elliptic Curve. Specify a skeleton token, or the label of a skeleton token, as the output key identifier to serve as the container for the computed symmetric key material. Note that both parties must specify the same key type in their skeleton key tokens.

  • Specify rule-array keyword DERIV01 to denote the Static Unified Model key agreement scheme.
  • Specify an ECC token as the private key identifier containing this party's ECC public-private key pair.
  • Optionally specify a private KEK key identifier, if the key pair is in an external key token.
  • Specify an ECC token as the public key identifier containing the other party's ECC public key part.
  • Specify a skeleton token as the output key identifier to be used as a container for the computed symmetric key material.
  • Optionally specify an output KEK key identifier, if the output key is to be in an external key token.
  • Specify the combined party info (including nonce) as the party identifier.
  • Specify the desired size of the key to be derived (in bits) as the key bit length.

Obtaining the raw "Z" value

The verb returns the raw shared secret value Z without applying any key derivation; the caller must then derive the final key material using a method of their choice. Do not specify any party info.

  • Specify rule-array keyword PASSTHRU to denote no key agreement scheme.
  • Specify an ECC token as the private key identifier containing this party's ECC public-private key pair.
  • Optionally specify a private KEK key identifier, if the key pair is in an external key token.
  • Specify an ECC token as the public key identifier containing the other party's ECC public key part.
  • The output key identifier will be populated with the resulting shared secret material.
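The two models above, as an added example that is not part of this page or of the CCA verb itself: the PASSTHRU case is the raw ECDH shared secret Z, and the DERIV01 (Static Unified Model) case feeds that same Z through a key derivation function together with the combined party info. The page does not state which KDF the verb uses, so the SP 800-56A one-step concatenation KDF with SHA-256 is assumed here as a stand-in; the party-info layout (length-prefixed party U id, party V id, nonce) is a constructed format chosen only to make the "same format on both sides" requirement concrete. Party names and nonce values are constructed sample data.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// PartyInfo is a constructed stand-in for the "combined party info":
// each side's identifier plus the nonce exchanged before the verb is called.
type PartyInfo struct {
	PartyUID, PartyVID, Nonce []byte
}

// Bytes renders the party info in a fixed layout (2-byte big-endian length
// before each field). Both parties must use exactly this layout; any
// difference changes the derived key even when Z is identical.
func (p PartyInfo) Bytes() []byte {
	var b bytes.Buffer
	for _, f := range [][]byte{p.PartyUID, p.PartyVID, p.Nonce} {
		var l [2]byte
		binary.BigEndian.PutUint16(l[:], uint16(len(f)))
		b.Write(l[:])
		b.Write(f)
	}
	return b.Bytes()
}

// RawZ is the PASSTHRU model: the ECDH shared secret with no derivation.
// For P-256 this is the 32-byte x-coordinate of the shared point.
func RawZ(priv *ecdh.PrivateKey, peer *ecdh.PublicKey) ([]byte, error) {
	return priv.ECDH(peer)
}

// ConcatKDF is the SP 800-56A Rev. 2 one-step KDF with SHA-256:
// K = H(1 || Z || OtherInfo) || H(2 || Z || OtherInfo) || ... truncated to keyBits.
// (Assumed stand-in; the page does not specify the verb's own KDF.)
func ConcatKDF(z, otherInfo []byte, keyBits int) []byte {
	keyLen := (keyBits + 7) / 8
	var out []byte
	for counter := uint32(1); len(out) < keyLen; counter++ {
		h := sha256.New()
		var c [4]byte
		binary.BigEndian.PutUint32(c[:], counter)
		h.Write(c[:])
		h.Write(z)
		h.Write(otherInfo)
		out = h.Sum(out)
	}
	return out[:keyLen]
}

// DeriveKey is the DERIV01 model: Z plus the combined party info go through
// the KDF, and keyBits plays the role of the verb's key bit length parameter.
func DeriveKey(priv *ecdh.PrivateKey, peer *ecdh.PublicKey, info PartyInfo, keyBits int) ([]byte, error) {
	z, err := RawZ(priv, peer)
	if err != nil {
		return nil, err
	}
	return ConcatKDF(z, info.Bytes(), keyBits), nil
}

func main() {
	curve := ecdh.P256()
	u, _ := curve.GenerateKey(rand.Reader) // this party's key pair
	v, _ := curve.GenerateKey(rand.Reader) // other party's key pair
	nonce := make([]byte, 16)
	rand.Read(nonce)
	info := PartyInfo{PartyUID: []byte("PARTY-U"), PartyVID: []byte("PARTY-V"), Nonce: nonce}

	zU, _ := RawZ(u, v.PublicKey())
	kU, _ := DeriveKey(u, v.PublicKey(), info, 256)
	kV, _ := DeriveKey(v, u.PublicKey(), info, 256)
	fmt.Println("raw Z (PASSTHRU):   ", hex.EncodeToString(zU))
	fmt.Println("derived key, party U:", hex.EncodeToString(kU))
	fmt.Println("derived key, party V:", hex.EncodeToString(kV))
	fmt.Println("keys match:", bytes.Equal(kU, kV))
}
```

Running it shows the same derived key on both sides; changing any byte of the party info on one side only, or requesting a different key bit length, yields a different key while Z stays the same, which is why both parties must agree on the format and the key type before calling the verb.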