Hello everyone! To our surprise, brainpool EC have been deprecated with Java 14+ [1]. However, JDK-8234924 [1] does not add any information on WHY they would have been deprecated. In fact, neither NIST (USA) nor BSI (Germany) list them as deprecated. On the contrary, both institutions list them as an acceptable cipher.
As a matter of fact, the deprecation notice seem to have originated by bad wording. Please read this quote from Manfred Lochter, how works at the BSI: > The unfortunate wording about the brainpool curves originated in TLS 1.3, > however RFC 8734 makes the curves usable for TLS again. > We will continue to recommend the Brainpool curves. > It should also be noted that the arguments for the "modern formulas" have all > been refuted by now. > Especially the implementation of Curve 25519 requires more effort to protect > against SCA; > the deterministic signatures are vulnerable to fault injection. > In the medium term, however, the switch to post-quantum cryptography is > necessary; > there are comprehensive recommendations on this at [2] Now, european banking and health industry still do rely heavily on brainpool curves. Given all these facts, I hereby request to undo the depracation of brainpool EC in OpenJDK. Please let me know what lead to the assumption that brainpool ciphers were deprecated. Neither NIST nor BSI seems to be the source. Given all the facts, it should still be included. References: [1]: https://bugs.openjdk.org/browse/JDK-8234924 [2]: https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Quantentechnologien-und-Post-Quanten-Kryptografie/quantentechnologien-und-post-quanten-kryptografie_node.html Mit freundlichen Grüßen Benjamin Marwell
smime.p7s
Description: S/MIME cryptographic signature