Issue | The following table summarises the Elliptic Curve types supported by RSA Certificate Manager:
Elliptic Curve Signing AlgorithmsXudaCryptoInfo Name
(RCM API) | Signing Algorithm Name
(RCM Administration Console) | Description | Supported Sizes |
---|
XudaCryptoECCCurvesA | ECCA | BSAFE “A” elliptic curves | 163, 239 | XudaCryptoECCCurvesB | ECCB | BSAFE “B” elliptic curves | 163 | XudaCryptoECCCurvesP | ECCP | “P” elliptic curves with curve OID | 256, 384, 521 | XudaCryptoECCCurvesPWithParams | ECCPwithParams | BSAFE “P” elliptic curves with explicit curve parameters | 256, 384, 521 | However, the RSA Certification Manager documentation does not define the exact curves used for each of these. |
Resolution | Supported ECC Curves ReferencesCurve Type | Size | Technical Description | ECC Standard (see below) |
---|
ECC A | 163 | Elliptic Curve Domain Parameters over F 2^m is sect163k1 (koblitz) | 1 | ECC A | 239 | Elliptic Curve Domain Parameters over F 2^m is sect239k1 (koblitz) | 2 | ECC B | 163 | Elliptic Curve Domain Parameters over F 2^m is sect163r1 (random) | 3 | ECC P | 256 | Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P256 | 4 | ECC P | 384 | Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P384 | 5 | ECC P | 521 | Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P521 | 6 | ECC P with params | 256 | Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_PRIME256V1 | 4 | ECC P with params | 384 | Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_NIST_PRIME384 | 5 | ECC P with params | 521 | Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_NIST_PRIME521 | 6 |
ECC Standards The curves specified in the table above, are defined in full in the following:
- Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.4.1 Recommended Parameters sect163k1", p. 27, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
- Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.7.1 Recommended Parameters sect239k1", p. 32, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
- Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.4.2 Recommended Parameters sect163r1", p. 28, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
- FIPS 186-4: "D.2.3 Curve P-256", p. 102, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
- FIPS 186-4: "D.2.4 Curve P-384", p. 103, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
- FIPS 186-4: "D.2.5 Curve P-521", p. 104, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
See also RSA Knowledge Base Article Number 32299 Difference between ECCP and ECCPWithParams Elliptic Curve Types |