Re: X25519 Unlisted by -list_curves and Any Trusted Python Code for X, Y Coordinates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thursday, 26 December 2019 00:50:29 CET, Salz, Rich via openssl-users wrote:
* I want to us ECDSA for my Web server's SSL certificate via an ACME client to Let's Encrypt and maybe later BuyPass.

That’s fine.


* I thought that EC is better than RSA, but now I don't think so. The answer seems to be: it depends.

There are trade-offs. The biggest one is that EC gives equivalent security with a much smaller keysize.


* Safe Curves (SafeCurves: Introduction<https://urldefense.proofpoint.com/v2/url?u=https-3A__safecurves.cr.yp.to_&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=FZ0AXmFqGUcUdZYm5wdvA4_d71tTi9iIRfHWFcL8wRo&s=ntsSs3tKgynp0pN2J8Yxf8Cd1wrWobKgA4jQ_PLgtPY&e=>) says …

FWIW, SafeCurves is mostly the guy behind 25519 :) This is not a slam against djb, who’s kinda brilliant.

If you’re not sure what to do, perhaps follow what the browsers do. That way if something’s wrong you’ll just be going up in flames with the rest of the world.

If you don’t trust the NSA and therefore don’t trust NIST, do you accept AES? What about when they approve 25519?

there's also the difference between a "is the curve a safe generic cryptographic
primitive?" and "is the curve safe when used in X.509 and TLS?"

--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00  Brno, Czech Republic





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux