
I am using both versions, OpenSSL 1.0.1 and OpenSSL 1.0.2: OpenSSL 1.0.2 has a function to set the highest-preference curve automatically.

But in OpenSSL 1.0.1 there is no function to set the highest-preference curve automatically.

I have to set the curve manually. I don't have much knowledge of ECC, so can anyone guide me on which curve is best and most secure?

    #include <openssl/ssl.h>
    #include <openssl/ec.h>

    /* Choose the ECDHE curve for one server-side SSL object. */
    static void configure_ecdh(SSL *ssl)
    {
    #if OPENSSL_VERSION_NUMBER >= 0x1000200fL
        /* Set automatic curve selection for server ssl to onoff. If onoff is 1 then
           the highest preference curve is automatically used for ECDH temporary keys
           used during key exchange. */
        (void)SSL_set_ecdh_auto(ssl, 1);
    #else
        /* 1.0.1 has no automatic selection, so the curve is chosen by hand. */
        EC_KEY *sECDH = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); /* secp256r1 curve - referred to as prime256v1 */
        if (sECDH != NULL) {
            (void)SSL_set_tmp_ecdh(ssl, sECDH);
            EC_KEY_free(sECDH); /* the SSL object keeps its own copy, so release ours */
        }
    #endif
    }

Thanks!

Devang Kubavat

2 Answers


Short answer: secp256r1, secp384r1 and secp521r1 are all good conservative choices. secp256r1 currently has better compatibility with browsers than the others; for more detail, see this question.

If your clients are up to date (aka modern-ish browsers) then I would recommend curve25519. It was invented by Daniel J. Bernstein (a university prof who's famous in the crypto world) and he was very transparent about how he came up with the random numbers, so there's no chance of government backdoors in that curve. It also has better performance than the NIST P-* curves [wikipedia].

But really, anything supported by openssl is fine unless you are a military organization or a bank, in which case stop posting here and hire a security expert!

Mike Ounsworth

This gets asked here pretty frequently, but the one most applicable to you is probably: Which elliptic curve should I use?