From: Andreas K. <ku...@tr...> - 2018-12-22 18:58:19
Hi Jaime,

interesting finding! Due to https://safecurves.cr.yp.to/ there are at least two curves with (slightly) shorter key length. On the other hand the NIST-224 is considered insecure ...

Are there any specific reasons for implementing this restriction?

Greetings,

Andreas

> In EJBCA 6.10.1.2+, if you create a Crypto Token from the Admin GUI and
> then you try to generate an EC keypair for it, you find that certain curves
> are not available, e.g. B-163, even when the documentation indicates support
> for them (see
> https://www.ejbca.org/docs/ECDSA_Keys_and_Signatures.html#src-16224742_id-.ECDSAKeysandSignaturesv6.12.0-Named_curves
> ).
>
> Looking at the source code I can see the cause for it is in the following
> method, org.cesecore.keys.util.KeyTools#checkValidKeyLength:
>
> public static void checkValidKeyLength(final String keyAlg, final int len)
>         throws InvalidKeyException {
>     ...
>     if (*isEcdsa* || isGost3410 || isDstu4145) {
>         ...
>         if ((len > 0) && (*len < 224*)) {
>             final String msg =
>                 intres.getLocalizedMessage("catoken.invalidkeylength", "ECDSA", "224",
>                     Integer.valueOf(len));
>             *throw new InvalidKeyException(msg);*
>         }
>     } ...
> }
>
> But why is it so? Are there potential problems with EC curves with a key
> size smaller than 224 bits?
>
> PS: I'm totally ignorant of EC cryptography.
>
>
> _______________________________________________
> Ejbca-develop mailing list
> Ejb...@li...
> https://lists.sourceforge.net/lists/listinfo/ejbca-develop

--
Andreas Kühne
phone: +49 177 293 24 97
mailto: ku...@tr...

Trustable Ltd. Niederlassung Deutschland
Gartenheimstr. 39C - 30659 Hannover
Amtsgericht Hannover HRB 212612

Director Andreas Kühne
Company UK Company No: 5218868
Registered in England and Wales