Signing
From MgmtWiki
Full Title or Meme
A signature on a digital document is designed to show that the document has not be altered and the identity of the key used to make the signature.
Solutions
Curves Supported by OpenSSL can be discovered by keying (there will typically be many more that shown here)
openssl ecparam -list_curves
IETF name | NIST name | SSL | Description |
secp256k1 | default | Koblitz curve 256 bit SEC | |
secp256r1 | P-256 | default | random curve 256 bit SEC SUITE B |
secp384r1 | P-384 | default | random curve 386 bit SEC SUITE B -OK for TOP SECRET |
secp521r1 | P-521 | default | random curve 521 bit SEC - not worth the extra work |
sect283r1 | Weierstrass curve 283-bit | ||
brainpoolP256r1 | default | ||
brainpoolP384r1 | default | ||
brainpoolP521r1 | default | ||
brainpoolP256t1 |
References
- Standards for Efficient Cryptography SEC 2: Recommended Elliptic Curve Domain Parameters
- IBM MQ SSL curves supported
- On 2022-08-19 the NSA Commercial National Security Algorithm Suite replaced SUITE B