datatracker.ietf.org
Sign in
Version 5.6.3, 2014-09-19
Report a bug

Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
RFC 4492

Document type: RFC - Informational (May 2006; Errata)
Updated by RFC 7027, RFC 5246
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 4492 (Informational)
Responsible AD: Russ Housley
Send notices to: ekr@networkresonance.com

Network Working Group                                    S. Blake-Wilson
Request for Comments: 4492                                       SafeNet
Category: Informational                                       N. Bolyard
                                                        Sun Microsystems
                                                                V. Gupta
                                                                Sun Labs
                                                                 C. Hawk
                                                               Corriente
                                                              B. Moeller
                                                         Ruhr-Uni Bochum
                                                                May 2006

            Elliptic Curve Cryptography (ECC) Cipher Suites
                   for Transport Layer Security (TLS)

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document describes new key exchange algorithms based on Elliptic
   Curve Cryptography (ECC) for the Transport Layer Security (TLS)
   protocol.  In particular, it specifies the use of Elliptic Curve
   Diffie-Hellman (ECDH) key agreement in a TLS handshake and the use of
   Elliptic Curve Digital Signature Algorithm (ECDSA) as a new
   authentication mechanism.

Blake-Wilson, et al.         Informational                      [Page 1]
RFC 4492               ECC Cipher Suites for TLS                May 2006

Table of Contents

   1. Introduction ....................................................3
   2. Key Exchange Algorithms .........................................4
      2.1. ECDH_ECDSA .................................................6
      2.2. ECDHE_ECDSA ................................................6
      2.3. ECDH_RSA ...................................................7
      2.4. ECDHE_RSA ..................................................7
      2.5. ECDH_anon ..................................................7
   3. Client Authentication ...........................................8
      3.1. ECDSA_sign .................................................8
      3.2. ECDSA_fixed_ECDH ...........................................9
      3.3. RSA_fixed_ECDH .............................................9
   4. TLS Extensions for ECC ..........................................9
   5. Data Structures and Computations ...............................10
      5.1. Client Hello Extensions ...................................10
           5.1.1. Supported Elliptic Curves Extension ................12
           5.1.2. Supported Point Formats Extension ..................13
      5.2. Server Hello Extension ....................................14
      5.3. Server Certificate ........................................15
      5.4. Server Key Exchange .......................................17
      5.5. Certificate Request .......................................21
      5.6. Client Certificate ........................................22
      5.7. Client Key Exchange .......................................23
      5.8. Certificate Verify ........................................25
      5.9. Elliptic Curve Certificates ...............................26
      5.10. ECDH, ECDSA, and RSA Computations ........................26
   6. Cipher Suites ..................................................27
   7. Security Considerations ........................................28
   8. IANA Considerations ............................................29
   9. Acknowledgements ...............................................29
   10. References ....................................................30
      10.1. Normative References .....................................30
      10.2. Informative References ...................................31
   Appendix A.  Equivalent Curves (Informative) ......................32

Blake-Wilson, et al.         Informational                      [Page 2]
RFC 4492               ECC Cipher Suites for TLS                May 2006

1.  Introduction

   Elliptic Curve Cryptography (ECC) is emerging as an attractive
   public-key cryptosystem, in particular for mobile (i.e., wireless)
   environments.  Compared to currently prevalent cryptosystems such as
   RSA, ECC offers equivalent security with smaller key sizes.  This is
   illustrated in the following table, based on [18], which gives
   approximate comparable key sizes for symmetric- and asymmetric-key
   cryptosystems based on the best-known algorithms for attacking them.

[include full document text]