W3C home > Mailing lists > Public > public-webcrypto-comments@w3.org > January 2013

ECC Curves

From: Björn Kinscher <bjoern.kinscher@googlemail.com>
Date: Tue, 29 Jan 2013 11:07:15 +0100
Message-ID: <CABy50uTC5vGnSV04CxgyJgjiWHFNJwdZ5-6vPm3tdQ1xO=giwA@mail.gmail.com>
To: public-webcrypto-comments@w3.org
Hi,

I attended the talk of Harry Halpin at the 29c3, where I heard that
there is still a lot of ongoing work on the webcrypto api. I would
like to know if it is considered to give api users the possibility of
defining their own curves for ECDSA and ECDH.
Last year I worked with the new german identity card. It uses recently
defined curves, which are not available in any classic encryption
libraries. Thus I think it is necessary to enable api users to define
their own curves to ensure compatibility with other applications.
I do not want api users to create their own curves, but that they are
able to use recently approved ones without waiting for user agent
vendors to implement them. I know there is a risk of users creating
weak ones, but I still think the possibility to define new curves
would be very useful. Especially since a user agent can't include all
possible useful curves.

My suggestion is to extend EcKeyGenParams with something like the
following to give api users the possibility to define their custom
curves:

typedef (namedCurve or customCurve) CurveIdentifier;

dictionary customCurve {
  // prime number
  BigInteger prime;
  // a and b are definded by the equatation y^2 = x^3 + a*x + b
  BigInteger a;
  BigInteger b;
  // generator of the group
  ECPoint generator;
  // order of the group
  BigInteger order;
  // index of the sub-group
  BigInteger cofactor;
}

dictionary EcKeyGenParams : AlgorithmParameters {
  // A named or a custom curve
  CurveIdentifier curve;
};

Another option would be to add an interface to register new named
curves with these parameters.

Regards
Björn Kinscher
Received on Tuesday, 29 January 2013 10:08:16 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 29 January 2013 10:08:16 GMT