ECC cipher suites

Daiki Ueno ueno at
Tue Aug 25 14:34:49 CEST 2009


I looked at the feature comparison table of TLS libraries and noticed
that GnuTLS still lacks ECC support:

Is anyone working on this?  Otherwise, I would like to give it a try[1].

After a quick search on Gmane, the primary (technical) reason seems that
there is no way to compute ECDH with libgcrypt.  If so, how about simply
exporting the EC version of powm and curve selection API[2]?

Anyway, would it make sense?  Comments are appreciated.

[1] I recently got my paperwork done for both GnuTLS/libgcrypt, and I am
seeking for next interesting project.

[2] I have first considered a generic key-agreement interface in
libgcrypt, but I now think that it's too much - currently only DH
variants are used in practice.

Daiki Ueno

More information about the Gnutls-devel mailing list