[Ach] preference of curves in ECC - ECDSA, ECDH

Aaron Zauner azet at azet.org
Sun Mar 9 19:07:27 CET 2014


Hi,

RFC4492 specifies that preference of ECC curves will be handled by the
client [0]. This may not be the best idea, one can circumvent this by
limiting available curves in the openssl configuration. For example,
Apache's mod_ssl is able to dynamically configure this for vHosts:

```
SSLOpenSSLConfCmd ECDHParameters curvename
SSLOpenSSLConfCmd Curves curvename curvename
```

These are settings that can also be applied system-wide in the openssl
configuration [1]. Now the issue I see with that is that we again have
to specify a order of preference with regard to elliptic curves to be
used in our paper. We still do not have a clear and full picture of
possible security or performance concerns regarding currently available
curves. Should we discuss this?

Aaron


[0] - https://tools.ietf.org/html/rfc4492#section-5.1
[1] -
https://www.openssl.org/docs/ssl/SSL_CONF_cmd.html#SUPPORTED_CONFIGURATION_FILE_COM

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140309/03937424/attachment.sig>


More information about the Ach mailing list