000031649 - Elliptic Curve (ECC) types

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • Comment0
  • View in full screen mode

Article Content

Article Number000031649
Applies ToRSA Product Set: Digital Certificate Solutions
RSA Product/Service Type: Certificate Manager; Certificate Manager API
RSA Version/Condition: 6.8, 6.9
Platform: all
IssueThe following table summarises the Elliptic Curve types supported by RSA Certificate Manager:
 
Elliptic Curve Signing Algorithms
XudaCryptoInfo Name

   (RCM API)		Signing Algorithm Name

   (RCM Administration Console)		DescriptionSupported Sizes
XudaCryptoECCCurvesAECCABSAFE “A” elliptic curves163, 239
XudaCryptoECCCurvesBECCBBSAFE “B” elliptic curves163
XudaCryptoECCCurvesPECCP“P” elliptic curves with curve OID256, 384, 521
XudaCryptoECCCurvesPWithParamsECCPwithParamsBSAFE “P” elliptic curves with explicit curve parameters256, 384, 521

However, the RSA Certification Manager documentation does not define the exact curves used for each of these.
TasksUse the information provided in the table below to choose the most appropriate ECC curve type to meet your requirements.
Resolution
Supported ECC Curves References
Curve TypeSizeTechnical DescriptionECC Standard (see below)
ECC A163Elliptic Curve Domain Parameters over F 2^m is sect163k1 (koblitz)1
ECC A239Elliptic Curve Domain Parameters over F 2^m is sect239k1 (koblitz)2
ECC B163Elliptic Curve Domain Parameters over F 2^m is sect163r1 (random)3
ECC P256Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P256 4
ECC P384Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P384 5
ECC P521Elliptic Curve Domain Parameters over F p - Key pair is generated using BSAFE Crypto-C with defined curve NIST_P521 6
ECC P with params256Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_PRIME256V1 4
ECC P with params384Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_NIST_PRIME384 5
ECC P with params521Elliptic Curve Domain Parameters over F p - Keys pair is generated using BSAFE Crypto-C with field type FT_NIST_PRIME521 6

ECC Standards


The curves specified in the table above, are defined in full in the following:
  1. Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.4.1 Recommended Parameters sect163k1", p. 27, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
  2. Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.7.1 Recommended Parameters sect239k1", p. 32, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
  3. Standards for Efficient Cryptography - SEC 2: Recommended Elliptic Curve Domain Parameters, "3.4.2 Recommended Parameters sect163r1", p. 28, Certicom Research, September 20, 2000, Version 1.0, available at http://www.secg.org/SEC2-Ver-1.0.pdf
  4. FIPS 186-4: "D.2.3 Curve P-256", p. 102, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
  5. FIPS 186-4: "D.2.4 Curve P-384", p. 103, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
  6. FIPS 186-4: "D.2.5 Curve P-521", p. 104, available at http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

See also RSA Knowledge Base Article Number 32299 Difference between ECCP and ECCPWithParams Elliptic Curve Types 

Attachments

    Outcomes