Curves

I'd like to start using EdDSA curves for customers (and push for HSM support). This would be much easier if there weren't so many policies (that pre-date development of the curves) preventing actual use of the tech. Any thoughts on when/if the policy will change? Jeremy smime.p7s

Re: Disabling all uses of elliptical curves

On Wed, May 11, 2016 at 11:08 PM, Hubert Kario wrote: > I haven't tested it, but I don't think that will stop NSS trusting RSA > certificates signed by ECC CAs. There are plenty of things that NSS will still do with ECC if you disable ECC cipher suites. That's for sure. If

Re: Cipher suits, signature algorithms, curves in Firefox

On Friday 06 May 2016 10:34:37 Zoogtfyz wrote: > > the larger key size helps w.r.t. quantum computers. > > If quantum computers are currently on the level of breaking AES-128, > then they are on the level of breaking any asymmetric cryptography > (RSA, DHE or ECDHE key exchange) we are using -

Re: Disabling all uses of elliptical curves

s> > > On Fri, Apr 29, 2016 at 3:44 PM, jonetsu <jone...@teksavvy.com> wrote: > >> Hello, > >> > >> Is there a run-time option to disable all and every uses of > >> elliptical curves ? > >> > >> If not, is there a compile option ? &

Re: Cipher suits, signature algorithms, curves in Firefox

into account other than "strength". Indeed, and those considerations might be application-specific, or hardware-specific, which is why I think the above 2 ERs make sense to implement. When it comes to signature algorithms and curves, IMO, there should be some runtime support for config

Re: Cipher suits, signature algorithms, curves in Firefox

Brian Smith wrote: > A lot of people have interpreted what I wrote as saying AES-256 is bad. I was not really referring to what you wrote about AES-256. I was referring to for example https://eprint.iacr.org/2009/374 . Even though those are related key attacks (which should not be relevant to

Re: Cipher suits, signature algorithms, curves in Firefox

On Fri, May 6, 2016 at 10:12 AM, Peter Bowen wrote: > Is a reasonable path to implement > https://tools.ietf.org/html/draft-ietf-tls-negotiated-ff-dhe-10 and > treat ECDHE suites as being DHE using a Supported Group? This would > avoid new cipher suite IDs and accomplish the

Re: Cipher suits, signature algorithms, curves in Firefox

On Fri, May 6, 2016 at 9:33 AM, Brian Smith wrote: > So, I don't think that dropping AES-256 is the right thing to do. Instead, > the ECDHE-AES-256-GCM cipher suites should be added to Firefox. Note that > they were just recently added to Google Chrome. These are also

Re: Cipher suits, signature algorithms, curves in Firefox

On Thu, May 5, 2016 at 4:33 PM, Brian Smith wrote: > Zoogtfyz wrote: >> >> 3) DHE (not ECDHE) cipher suits are far too often implemented incorrectly, >> most often with default common DH primes, DH parameter reuse, or generally >> weak bitstrenght

Re: Cipher suits, signature algorithms, curves in Firefox

uld be dropped > 3) Ordering from strongest to weakest, as opposed to what it is today. > There are other considerations to take into account other than "strength", as David Benjamin's proposal and my suggestion linked above show. > Additionally, Firefox 45esr currently supports t

Re: Cipher suits, signature algorithms, curves in Firefox

On 05/05/16 15:22, Zoogtfyz wrote: > This is my recommendation for changes to the supported ciphersuits in > Mozilla Firefox. I performed rigorous compatibility testing and > everything works as advertized. I used Firefox telemetry data, SSL > Pulse data, and my own tests to verify that *not a

Cipher suits, signature algorithms, curves in Firefox

to what it is today. Additionally, Firefox 45esr currently supports these elliptic curves in this ordering: secp256r1, secp384r1, secp521r1 I recommend removing support for secp521r1 since it is not supported in the wild, Chrome does not support it, and we should be moving away from secp curves

Re: Disabling all uses of elliptical curves

ozilla.org/en-US/docs/Mozilla/Projects/NSS/Reference/NSS_environment_variables > > On Fri, Apr 29, 2016 at 3:44 PM, jonetsu <jone...@teksavvy.com> wrote: > >> Hello, >> >> Is there a run-time option to disable all and every uses of elliptical >> cur

Re: Disabling all uses of elliptical curves

Is there a run-time option to disable all and every uses of elliptical > curves ? > > If not, is there a compile option ? > > Thanks. > > > > > -- > View this message in context: > http://mozilla.6506.n7.nabble.com/Disabling-all-uses-of-elliptical-curves-t

Disabling all uses of elliptical curves

Hello, Is there a run-time option to disable all and every uses of elliptical curves ? If not, is there a compile option ? Thanks. -- View this message in context: http://mozilla.6506.n7.nabble.com/Disabling-all-uses-of-elliptical-curves-tp354147.html Sent from the Mozilla - Cryptography

Re: Other ECC Curves

Is patch good? This patch is only valid for key exchange (ECDH), while Rick's email is about certificate signing (ECDSA). Curve25519, and probably other Bernstein's curves, can't be used with ECDSA (EdDSA must be used, a different algo). Rick, if you want to support other curves (Brainpool?), you

Re: Other ECC Curves

On Monday, June 9, 2014 4:27:56 PM UTC-7, Rick Andrews wrote: AFAIK, Symantec and other CAs have added ECC roots to Mozilla's root store using NIST curves. Are any other ECC curves supported by Mozilla, in case one wanted to use a different curve? Is the list of supported algorithms and key

Other ECC Curves

AFAIK, Symantec and other CAs have added ECC roots to Mozilla's root store using NIST curves. If a CA wanted to add a root using a different curve, we would need to know what other curves were supported by Mozilla. Is this info published anywhere? -- dev-tech-crypto mailing list dev-tech

Re: Other ECC Curves

On 06/10/2014 09:47 AM, Kurt Roeckx wrote: On Mon, Jun 09, 2014 at 04:27:56PM -0700, Rick Andrews wrote: AFAIK, Symantec and other CAs have added ECC roots to Mozilla's root store using NIST curves. Are any other ECC curves supported by Mozilla, in case one wanted to use a different curve

NIST ECC curves in NSS

Hi, I'm using NSS 3.12.4 with NSPR 4.8 release. I want to generate keys and certs with the basic supported ECC curves (nistp256, nistp384, nistp521) included when NSS is compiled with the NSS_ENABLE_ECC flag. However, when I try using certutil to generate certificates using the basic NIST

Re: NIST ECC curves in NSS

On 2009-11-19 10:17 PST, Kai Chan wrote: I'm using NSS 3.12.4 with NSPR 4.8 release. I want to generate keys and certs with the basic supported ECC curves (nistp256, nistp384, nistp521) included when NSS is compiled with the NSS_ENABLE_ECC flag. However, when I try using certutil

Re: NIST ECC curves in NSS

, Kai Chan wrote: I'm using NSS 3.12.4 with NSPR 4.8 release. I want to generate keys and certs with the basic supported ECC curves (nistp256, nistp384, nistp521) included when NSS is compiled with the NSS_ENABLE_ECC flag. However, when I try using certutil to generate certificates using

Re: NIST ECC curves in NSS

2009/11/19 Kai Chan nahc...@gmail.com: Hi, I'm using NSS 3.12.4 with NSPR 4.8 release.  I want to generate keys and certs with the basic supported ECC curves (nistp256, nistp384, nistp521) included when NSS is compiled with the NSS_ENABLE_ECC flag.  However, when I try using certutil

Re: NIST ECC curves in NSS

with the basic supported ECC curves (nistp256, nistp384, nistp521) included when NSS is compiled with the NSS_ENABLE_ECC flag. However, when I try using certutil to generate certificates using the basic NIST curves, I keep receiving the security library failure error. Is there something in NSS

Re: NIST ECC curves in NSS

On 2009-11-19 13:07 PST, Kai Chan wrote: Ah, noobtastic... A new word for my vocabulary! :) Thank you for reminding me to check shared library dependencies. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto

Elliptic Curve Key Generation Parameter Names for Standard Curves in JSS

Based on the LXR examples on the JSS test page I appear to be able to generate Elliptic Curve Pairs. The examples show generation of keys of various length. However, I would like to generate key pairs using the standard curves recognized by NIST or included in Suite B. The Java documentation