Re[2]: ECDH parameters
Thanks for info!

So, EC crypto uses standard curves, and temp ECDH parameters consist of a choice of one of these curves.

After rereading s_server documentation, noticed -named_curve option and it seems to be equivalent to -dhparam option for DH. That explains everything so far.

nistp256 is the same as secp256k1? s_server documentation (output of s_server -?) says that nistp256 is the default, but such exact name is not present in output of ecparam -list_curves.

> 2011/7/1 yyy :
>> Hello!
>>
>> s_server (and probably other TLS servers), requires ECDH parameters, if
>> using ECDH ciphersuites. (probably similarly as for DH parameters with DH
>> ciphersuites).
>> It seems, that these are supposed to be generated using:
>> ecparam -name 'name_of_named_curve',
>> but this always generates the same output (it seems to be somehow encoded
>> name of that curve).
> Generating a curve (ie, 'domain parameters') can be tricky business
> due to point counting. In practice, one uses a standard curve observed
> by ANSI, IETF, IEEE, NIST, etc. For example,
> http://tools.ietf.org/html/rfc5349. If you want a custom curve, I
> recommend a tool such as Marcel Martin's Elliptic Curve Builder (ECB).
>
> A private key (and public) are selected once domain parameters have
> been chosen. The private key is 'x' or 'd' (a multiplier), which
> results in a public key 'Q' (a point). The relationship is Q = x*G,
> where G is the base point.
>
>> DH parameters contained randomly changing data. ECDH, for key exchange, only
>> needs specified curve and nothing else?
> During key establishment, ephemeral keys (throw away public and
> private keys) will be used.
>
> If you want to generate a private key, try:
> $ openssl ecparam -name secp256k1 -genkey -param_enc explicit -outform
> DER -out ec-openssl.der
>
> To get the public key:
> $ openssl ecparam -param_enc explicit -name secp256k1 -genkey -outform
> PEM -out ec-openssl.pem
> $ openssl ec -param_enc explicit -inform PEM -in ec-openssl.pem
> -pubout -outform DER -out ec-openssl.der
>
> Jeff

__
OpenSSL Project                 http://www.openssl.org
User Support Mailing List       openssl-users@openssl.org
Automated List Manager          majord...@openssl.org
Re: ECDH parameters
2011/7/1 yyy :
> Hello!
>
> s_server (and probably other TLS servers), requires ECDH parameters, if
> using ECDH ciphersuites. (probably similarly as for DH parameters with DH
> ciphersuites).
> It seems, that these are supposed to be generated using:
> ecparam -name 'name_of_named_curve',
> but this always generates the same output (it seems to be somehow encoded
> name of that curve).

Generating a curve (ie, 'domain parameters') can be tricky business due to point counting. In practice, one uses a standard curve observed by ANSI, IETF, IEEE, NIST, etc. For example, http://tools.ietf.org/html/rfc5349. If you want a custom curve, I recommend a tool such as Marcel Martin's Elliptic Curve Builder (ECB).

A private key (and public) are selected once domain parameters have been chosen. The private key is 'x' or 'd' (a multiplier), which results in a public key 'Q' (a point). The relationship is Q = x*G, where G is the base point.

> DH parameters contained randomly changing data. ECDH, for key exchange, only
> needs specified curve and nothing else?

During key establishment, ephemeral keys (throw away public and private keys) will be used.

If you want to generate a private key, try:

$ openssl ecparam -name secp256k1 -genkey -param_enc explicit -outform DER -out ec-openssl.der

To get the public key:

$ openssl ecparam -param_enc explicit -name secp256k1 -genkey -outform PEM -out ec-openssl.pem
$ openssl ec -param_enc explicit -inform PEM -in ec-openssl.pem -pubout -outform DER -out ec-openssl.der

Jeff
ECDH parameters
Hello!

s_server (and probably other TLS servers), requires ECDH parameters, if using ECDH ciphersuites. (probably similarly as for DH parameters with DH ciphersuites).

It seems, that these are supposed to be generated using:
ecparam -name 'name_of_named_curve',
but this always generates the same output (it seems to be somehow encoded name of that curve).

Is this intended behavior? DH parameters contained randomly changing data. ECDH, for key exchange, only needs specified curve and nothing else?