From: Tomas G. <to...@pr...> - 2019-01-08 14:34:19
Good hunting of the originating commit! I see it originates from this issue:
https://jira.primekey.se/browse/ECA-2801

There is no reference to the size 224 being a limit there, so we don't know.
Being since 2013, it's interesting that this is the first time anyone asks for curves shorter than 224. Since EC is being used extensively, I guess there is no real widespread use of the shorter curves.

I made a note of this in the documentation for the next release. Unless there is a substantial argument why you want to use shorter curves, I'll leave it as it is.

Regards,
Tomas

On 2018-12-29 23:28, Andreas Kuehne wrote:
> Hi Jaime,
>
> an unclear reasoning and origin is a good starting point for conspiracy
> theories!
>
> The code snippet seems to implement a DIY approach to decide on
> algorithm suitability. A more standardized approach is given in
>
> Data Structure for the Security Suitability of Cryptographic Algorithms
> (DSSC)
> https://tools.ietf.org/html/rfc5698
>
> This could be a good base for a catalog of supported algorithms. A
> quick search did not reveal any ready-made implementations but I would
> guess a given standard is better than re-inventing a wheel.
>
> Greetings,
>
> Andreas
>> On Sat, Dec 22, 2018 at 1:59 PM Andreas Kuehne <ku...@tr...> wrote:
>>
>>> Hi Jaime,
>>>
>>> interesting finding! Due to https://safecurves.cr.yp.to/ there are at
>>> least two curves with (slightly) shorter key length. On the other hand the
>>> NIST-224 is considered insecure ...
>>>
>> Thanks for pointing out this resource.
>>
>>
>>> Are there any specific reasons for implementing this restriction?
>>>
>> I'm asking the same myself. I can trace back that change to the following
>> old (5 years ago) commit,
>> https://github.com/rgorosito/ejbca/commit/49a8e1c5ff448c3d27c132e46675ed27ef7cb65b#diff-52fc78614bcdfb702e0bf5b66a3ffbfc,
>> but the motivation for it is not clear to me at first glance.
>>
>>
>>> Greetings,
>>>
>>> Andreas
>>>
>>> In EJBCA 6.10.1.2+, if you create a Crypto Token from the Admin GUI and
>>> then you try to generate an EC keypair for it, you find that certain curves
>>> are not available, e.g. B-163, even when the documentation indicates support
>>> for them (see https://www.ejbca.org/docs/ECDSA_Keys_and_Signatures.html#src-16224742_id-.ECDSAKeysandSignaturesv6.12.0-Named_curves
>>> ).
>>>
>>> Looking at the source code I can see the cause for it is in the following
>>> method, org.cesecore.keys.util.KeyTools#checkValidKeyLength:
>>>
>>> public static void checkValidKeyLength(final String keyAlg, final int len)
>>>         throws InvalidKeyException {
>>>     ...
>>>     if (isEcdsa || isGost3410 || isDstu4145) {
>>>         ...
>>>         if ((len > 0) && (len < 224)) {
>>>             final String msg =
>>>                 intres.getLocalizedMessage("catoken.invalidkeylength", "ECDSA", "224",
>>>                     Integer.valueOf(len));
>>>             throw new InvalidKeyException(msg);
>>>         }
>>>     }
>>>     ...
>>> }
>>>
>>> But, why is it so? Are there potential problems with EC curves with a key
>>> size smaller than 224 bits?
>>>
>>> PS: I'm a total ignorant of EC cryptography.
>>>
>>>
>>>
>>> _______________________________________________
>>> Ejbca-develop mailing list
>>> Ejb...@li...
>>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop
>>>
>>>
>>> --
>>> Andreas Kühne
>>> phone: +49 177 293 24 97
>>> mailto: ku...@tr...
>>>
>>> Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612
>>>
>>> Director Andreas Kühne
>>>
>>> Company UK Company No: 5218868 Registered in England and Wales
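
Added example, not part of the thread and not EJBCA code: a small Java sketch of the kind of minimum-key-length check quoted above, with the minimum read from a table instead of a literal, run against three NIST curves. The class and method names, the policy table, and the rule that the key length is the bit length of the curve's group order are assumptions made for illustration; only the ECDSA minimum of 224 comes from the thread.

```java
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.util.LinkedHashMap;
import java.util.Map;

public class EcKeyLengthPolicyDemo {
    // Constructed policy table (hypothetical): key family -> minimum length in bits.
    // Only the ECDSA value 224 is taken from the quoted check.
    static final Map<String, Integer> MIN_BITS = new LinkedHashMap<>();
    // Group orders n of three NIST curves (public constants from FIPS 186 / SEC 2).
    static final Map<String, BigInteger> ORDER = new LinkedHashMap<>();
    static {
        MIN_BITS.put("ECDSA", 224);
        ORDER.put("B-163", new BigInteger("40000000000000000000292FE77E70C12A4234C33", 16));
        ORDER.put("P-224", new BigInteger(
                "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", 16));
        ORDER.put("P-256", new BigInteger(
                "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16));
    }

    // Assumption: key length = bit length of the group order; -1 if the curve is unknown.
    static int keyLength(String curve) {
        BigInteger n = ORDER.get(curve);
        return n == null ? -1 : n.bitLength();
    }

    static void check(String family, int len) throws InvalidKeyException {
        Integer min = MIN_BITS.get(family);
        if (min == null) throw new InvalidKeyException("No policy entry for " + family);
        // The quoted condition is (len > 0) && (len < 224), so that test alone lets
        // a length of 0 or less through. This sketch rejects an undetermined length.
        if (len <= 0) throw new InvalidKeyException("Key length could not be determined");
        if (len < min) throw new InvalidKeyException(
                "Invalid key length for " + family + ": " + len + " < " + min);
    }

    public static void main(String[] args) {
        for (String curve : new String[] {"B-163", "P-224", "P-256", "unknown-curve"}) {
            int len = keyLength(curve);
            try {
                check("ECDSA", len);
                System.out.println(curve + " (" + len + " bits): accepted");
            } catch (InvalidKeyException e) {
                System.out.println(curve + " (" + len + " bits): rejected, " + e.getMessage());
            }
        }
    }
}
```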