login about faq

Hello.

I am looking to deploy (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE). Elliptic-Curve Diffie-Hellman (ECDH) key exchange avoids all known feasible cryptanalytic attacks, and modern web browsers now prefer ECDHE over the original, finite field, Diffie-Hellman. The discrete log algorithms we used to attack standard Diffie-Hellman groups do not gain as strong of an advantage from precomputation, and individual servers do not need to generate unique elliptic curves.

I plan to use a Strong, Diffie Hellman Group. A few 1024-bit groups are used by millions of servers, which makes them an optimal target for precomputation, and potential eavesdropping. Administrators should use 2048-bit or stronger Diffie-Hellman groups with "safe" primes.

However, I do not see that ChilKat supports ECDHE, yet.

Surely you have this on your roadmap. Can you give me an indication of when you will be officially supporting ECDHE?

Thanks.

Dennis

asked May 28 at 17:41

dlandi's gravatar image

dlandi
11


I don't fully understand..

Chilkat support ECDHE within the TLS protocol. However, it is the server that chooses the cipher suite. The client-side presents to the server a list of cipher suites it is capable of handling, and then the server chooses the one to be used in the TLS handshake. The Chilkat API has ways to limit which TLS cipher suites can be used, and you could potentially limit it to only ECDHE suites.

Outside of TLS, Chilkat provides classes for both ECC and Diffie-Hellman (in all of the supported programming languages). For example, in C#
See https://chilkatsoft.com/refdoc/csDhRef.html
and https://chilkatsoft.com/refdoc/csEccRef.html

Using the combination of the two, you could build your own ECDHE (right?)

link

answered May 29 at 17:17

chilkat's gravatar image

chilkat ♦♦
12.8k317367485

Ah. Thanks!

I am just doing preliminary due diligence your product, so I missed that!

Thanks for your time!

(May 29 at 18:18) dlandi
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×5

Asked: May 28 at 17:41

Seen: 1,091 times

Last updated: May 29 at 18:18

powered by OSQA