[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

*From*: James Muir <muir.james.a AT gmail.com>*Subject*: Re: [Cryptography] FW: real world binary ecc*Date*: Thu, 19 Nov 2020 00:00:20 -0500*Cc*: Nicola <nic.tuv AT gmail.com>*List-archive*: <https://www.metzdowd.com/pipermail/cryptography>*Sender*: "cryptography" <cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com>*To*: "cryptography AT metzdowd.com" <cryptography AT metzdowd.com>

On 2020-11-15 2:45 p.m., Salz, Rich via cryptography wrote:

Forwarded with permission; Nicoli is one of the (sic) key implementors of ECC in the OpenSSL project. On 11/15/20, 10:19 AM, "Nicola Tuveri" <nic.tuv AT gmail.com> wrote: > suppose you want to create a new TLS library. Should you support binary curves? I'd dare say, from an implementer perspective, the answer to this is "likely no". RFC 8422, in obsoleting RFC 4492, has de facto removed support of binary curves from TLS 1.2 and earlier.

5.1.1. Supported Elliptic Curves Extension RFC 4492 defined 25 different curves in the NamedCurve registry (now renamed the "TLS Supported Groups" registry, although the enumeration below is still named NamedCurve) for use in TLS. Only three have seen much use. This specification is deprecating the rest (with numbers 1-22). This specification also deprecates the explicit curves with identifiers 0xFF01 and 0xFF02. It also adds the new curves defined in [RFC7748]. The end result is as follows: enum { deprecated(1..22), secp256r1 (23), secp384r1 (24), secp521r1 (25), x25519(29), x448(30), reserved (0xFE00..0xFEFF), deprecated(0xFF01..0xFF02), (0xFFFF) } NamedCurve;

4.3 Curves over Binary Fields This section specifies elliptic curves over binary fields where each curve takes the form of a curve in short-Weierstrass form and is either a Koblitz curve (Section 4.3.1) or a pseudorandom curve (Section 4.3.2). Due to their limited adoption, elliptic curves over binary fields (i.e., all the curves specified in Section 4.3) are deprecated and may be removed from a subsequent revision to these guidelines to facilitate interoperability and simplify elliptic curve standards and implementations. New implementations should select an appropriate elliptic curve over a prime field from Section 4.2.

cheers, -James M _______________________________________________ The cryptography mailing list cryptography AT metzdowd.com https://www.metzdowd.com/mailman/listinfo/cryptography

**References**:**[Cryptography] FW: real world binary ecc***From:*Salz, Rich via cryptography

- Prev by Date:
**Re: [Cryptography] Possible reason why password usage rules are such a mess** - Next by Date:
**Re: [Cryptography] Possible reason why password usage rules are such a mess** - Previous by thread:
**[Cryptography] FW: real world binary ecc** - Next by thread:
**Re: [Cryptography] FW: real world binary ecc** - Index(es):