search

AntonKueltz / fastecdsa

Python library for fast elliptic curve crypto
https://pypi.python.org/pypi/fastecdsa
The Unlicense
263 stars 76 forks source link

Safe curves? #63

Closed jilljenn closed 3 years ago

jilljenn commented 3 years ago

Thanks for this package! I think the current implementation only supports unsafe curves, is that right?

https://safecurves.cr.yp.to/

AntonKueltz commented 3 years ago

Yes, though it should be mentioned that the definition of safe that the safecurves page uses is quite strict. Under it no Weierstrass curve is „safe“, while in practice Weierstrass curves are used by eg TLS and other common protocols.

The author of the safecurves page is also the author of several curves that do meet the safe properties, so I would take the safe vs unsafe distinction with a bit of a grain of salt. The unsafe curves do have implementation pitfalls and are harder to implement safely but the curves themselves (ie the parameters and security proofs) don’t have any known weaknesses or backdoors.