Questions tagged [ecdsa]
23 questions
40 votes, 4 answers
Should I be using ECDSA keys instead of RSA?
I read on ssh.com that there are new ECDSA ssh keys that one should be using to create the public / private key pair; and that it's a US Government Standard based on elliptical curves (probably something mathy). I also noticed that they use fewer…
leeand00
9 votes, 4 answers
Recommended asymmetric algorithms for JWT?
I'm implementing JWT authentication for a new web service and am unsure which asymmetric algorithm to choose. I've searched around and haven't found any consensus or clear recommendations. According to the PyJWT docs there are a few different…
user3607758
6 votes, 0 answers
How sensitive is the primary key stub of an ed25519 security key (~/.ssh/id_ed25519_sk)?
Now that OpenSSH supports Elliptic curve security keys (since version 8.2), it's possible to generate an ed25519-sk key on a hardware security key:
$ ssh-keygen -t ed25519-sk -C comment
This generates public and private key parts. How sensitive…
Petr
6 votes, 2 answers
Convert ECDSA keys (PEM, OpenSSH)
To work with ECDSA keys I am using the python-ecdsa library. Unfortunately this library cannot process keyfiles properly if they are provided in the OpenSSH format. Instead I generate them in the PEM format, which the library can handle, using the…
766F6964
5 votes, 2 answers
Difference in ECDSA private key format
I have two private ssh keys: one was originally created with ssh-keygen, the other one with a python script. They are supposed to be the same, however one works for authentication and the other one doesn't.
After analyzing them with…
Kyu96
4 votes, 1 answer
Is it possible to fake ECDSA signatures?
Recently, I came across a reddit post claiming it was easy to mutate bitcoin signatures to generate message/signature pairs.
https://www.reddit.com/r/btc/comments/9xpivk/satoshi_i_do_not_want_to_be_public_but_there_is/e9u4m50
There's even POC…
FrozenKiwi
3 votes, 1 answer
GnuPG: How to create ECDSA signature?
https://www.rfc-editor.org/rfc/rfc6637 defines ECDSA for OpenPGP and https://wiki.gnupg.org/ECC lists elliptic curve support in GnuPG since version 2.1
I have version 2.2.25 and it lists ECDSA as a supported algorithm:
$ gpg --version
gpg (GnuPG)…
matthias_buehlmann
3 votes, 1 answer
Mix and match RSA and ECDSA in TLS
Suppose TLS client and server want to communicate, authenticating both parties. They each have sufficiently trusted certificates, but one corresponds to an ECDSA private key and the other corresponds to an RSA private key, or maybe ECDSA private key…
Eugene Ryabtsev
2 votes, 1 answer
SSH Handshake on Cisco IOS XE
I've configured the following on my IOS XE device.
!
ip ssh rsa keypair-name my-4096rsa-ssh-key
ip ssh version 2
ip ssh server algorithm mac hmac-sha2-512 hmac-sha2-256
ip ssh server algorithm encryption aes256-gcm aes256-ctr
ip ssh server algorithm…
TimmayG
2 votes, 1 answer
Which KEK can wrap AES, RSA and ECDSA keys securely?
If I have AES256, RSA4K and ECDSA-512 keys as CEKs, which I need to securely store, what KEK can I use to securely wrap these without reducing the bit strength? I am aware that an AES256 key can wrap RSA4K without reducing the bit-strength (RFC…
mithya
1 vote, 0 answers
Ramifications of the psychic/CVE-2022-21449 ECDSA verification vulnerability
On 2022-04-19, Neil Madden published a vulnerability in the ECDSA signature verification code of the library bundled with some editions of Java, including some recent by Oracle and in OpenJDK. That became CVE-2022-21449 (I've yet to understand if…
fgrieu
1 vote, 0 answers
Is it possible to use an ed25519 security key with Google Chrome SSH applets?
After generating an OpenSSH EC key on a hardware security key:
$ ssh-keygen -t ed25519-sk -C comment
Is it possible to use this key with Google Chrome SSH applet or Mosh, in particular on non-Linux machines where there is no ssh command available…
Petr
1 vote, 2 answers
Premeditated substitution of ECDSA-signed message by the signer
If I understand correctly section 4.2 in Jacques Stern, David Pointcheval, John Malone-Lee, and Nigel P. Smart's Flaws in Applying Proof Methodologies to Signature Schemes, in proceedings of Crypto 2002, they describe an attack that allows…
fgrieu
1 vote, 2 answers
How to store ECDSA public key securely in Android
I am writing an Android application that needs to verify that a request is sent from a trusted party (me).
This is my current solution:
Storing keys:
Generate ECDSA public key / private key from a server.
Store private key in server. Store public…
hollaholl
1 vote, 0 answers
How to authorize a subkey using a primary master key pair?
I'm using webcrypto, not PGP/GPG.
I would like to use a key pair to create a "subkey" that is authorized by my primary key in a way anyone can publicly verify so I don't need to expose the primary key's private component to any web-facing…
Xeoncross