W3C home > Mailing lists > Public > public-webcrypto-comments@w3.org > January 2013

ECC Curves

From: Björn Kinscher <bjoern.kinscher@googlemail.com>
Date: Tue, 29 Jan 2013 11:07:15 +0100
Message-ID: <CABy50uTC5vGnSV04CxgyJgjiWHFNJwdZ5-6vPm3tdQ1xO=giwA@mail.gmail.com>
To: public-webcrypto-comments@w3.org

I attended the talk of Harry Halpin at the 29c3, where I heard that
there is still a lot of ongoing work on the webcrypto api. I would
like to know if it is considered to give api users the possibility of
defining their own curves for ECDSA and ECDH.
Last year I worked with the new german identity card. It uses recently
defined curves, which are not available in any classic encryption
libraries. Thus I think it is necessary to enable api users to define
their own curves to ensure compatibility with other applications.
I do not want api users to create their own curves, but that they are
able to use recently approved ones without waiting for user agent
vendors to implement them. I know there is a risk of users creating
weak ones, but I still think the possibility to define new curves
would be very useful. Especially since a user agent can't include all
possible useful curves.

My suggestion is to extend EcKeyGenParams with something like the
following to give api users the possibility to define their custom

typedef (namedCurve or customCurve) CurveIdentifier;

dictionary customCurve {
  // prime number
  BigInteger prime;
  // a and b are definded by the equatation y^2 = x^3 + a*x + b
  BigInteger a;
  BigInteger b;
  // generator of the group
  ECPoint generator;
  // order of the group
  BigInteger order;
  // index of the sub-group
  BigInteger cofactor;

dictionary EcKeyGenParams : AlgorithmParameters {
  // A named or a custom curve
  CurveIdentifier curve;

Another option would be to add an interface to register new named
curves with these parameters.

Björn Kinscher
Received on Tuesday, 29 January 2013 10:08:16 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:12:49 UTC