> Is there a up to date list of elliptic curves approved or recommended for
> government use in OpenSSL?
You'll have to look outside OpenSSL for advice like that.
I would suggest looking at the CFRG, part of the IETF basically. Do web search
for curve recommendations.
Good luck. It's a
Thanks for the reply Jakob. Is there a mapping in the government's
elliptic curve names to the names in OpenSSL?
For instance, the API EC_KEY_new_by_curve_name( int nid ) takes an id of
the EC name where the id can be something like
NID_X9_62_prime256v1, NID_X9_62_prime239v3, etc. that are
I see there is a list of recommended list by NIST in
http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf, but
it is very old (1999)
Is there a up to date list of elliptic curves approved or recommended
for government use in OpenSSL?
Is NID_X9_62_prime256v1 the strongest?
Thanks
In the NSA page referred above, the p-384 curves are specifically mentioned
for DH. These would be the ones covered by the Suite B NSA license
sub-licensed to OpenSSL, are they ? Is it possible to build OpenSSL in FIPS
in such a way that only these curves will be used ?
Regards.
--
View this
On 11/11/2015 21:02, Alex Chen wrote:
I see there is a list of recommended list by NIST in
http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf,
but it is very old (1999)
Is there a up to date list of elliptic curves approved or recommended
for government use in OpenSSL?
Is
On 11/11/15 20:53, jonetsu wrote:
> In the NSA page referred above, the p-384 curves are specifically mentioned
> for DH. These would be the ones covered by the Suite B NSA license
> sub-licensed to OpenSSL, are they ? Is it possible to build OpenSSL in FIPS
> in such a way that only these