Difference between revisions of "Signing"

From MgmtWiki
Jump to: navigation, search
(References)
(Solutions)
Line 15: Line 15:
 
| secp256r1||P-256 ||default  || random curve 256 bit SEC [https://www.nsa.gov/ia/programs/suiteb_cryptography/ SUITE B]
 
| secp256r1||P-256 ||default  || random curve 256 bit SEC [https://www.nsa.gov/ia/programs/suiteb_cryptography/ SUITE B]
 
|-
 
|-
| secp384r1|| P-384|| default || random curve 386 bit SEC [https://www.nsa.gov/ia/programs/suiteb_cryptography/ SUITE B]
+
| secp384r1|| P-384|| default || random curve 386 bit SEC [https://www.nsa.gov/ia/programs/suiteb_cryptography/ SUITE B] -OK for TOP SECRET
 
|-
 
|-
 
| secp521r1|| P-521|| default || random curve 521 bit SEC - not worth the extra work
 
| secp521r1|| P-521|| default || random curve 521 bit SEC - not worth the extra work

Revision as of 11:33, 30 July 2022

Full Title or Meme

A signature on a digital document is designed to show that the document has not be altered and the identity of the key used to make the signature.

Solutions

Curves Supported by OpenSSL can be discovered by keying (there will typically be many more that shown here)

openssl ecparam -list_curves


IETF name NIST name SSL Description
secp256k1 default Koblitz curve 256 bit SEC
secp256r1 P-256 default random curve 256 bit SEC SUITE B
secp384r1 P-384 default random curve 386 bit SEC SUITE B -OK for TOP SECRET
secp521r1 P-521 default random curve 521 bit SEC - not worth the extra work
sect283r1 Weierstrass curve 283-bit
brainpoolP256r1 default
brainpoolP384r1 default
brainpoolP521r1 default
brainpoolP256t1

References