ECC cipher suites

Werner Koch wk at
Tue Aug 25 17:15:10 CEST 2009

On Tue, 25 Aug 2009 14:34, ueno at said:

> After a quick search on Gmane, the primary (technical) reason seems that
> there is no way to compute ECDH with libgcrypt.  If so, how about simply

We need this (or a variant) for OpenPGP as well; Sergi Blanch i Torne
(sergi at calcurco dot org) is working on that.

> exporting the EC version of powm and curve selection API[2]?

I am not sure whether the current API is okay, thus I hesitate
to publish it.

> Anyway, would it make sense?  Comments are appreciated.

Yes.  There is the potential patent problem of course.  FWIW, RedHat
removed all ECC code from Libgcrypt.

> [1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
> seeking the next interesting project.

I noticed :-)

> [2] I have first considered a generic key-agreement interface in
> libgcrypt, but I now think that it's too much - currently only DH
> variants are used in practice.

I also thought of that when I wrote an ssh library but came to the
conclusion that we need to exchange too much data in a very portable
way.  In the end such an abstract interface would be too complex.



Thoughts are free.  Exceptions are regulated by a federal law.

More information about the Gcrypt-devel mailing list