Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Selected ECC curves are not secure #196

Closed
obogobo opened this issue Feb 19, 2018 · 10 comments · Fixed by #362
Closed

Selected ECC curves are not secure #196

obogobo opened this issue Feb 19, 2018 · 10 comments · Fixed by #362

Comments

@obogobo
Copy link

obogobo commented Feb 19, 2018

https://safecurves.cr.yp.to/

It would be great to see Ed25519 support in ECDH/ECDSA operations!

This was referenced Mar 8, 2019
@sideshowbarker
Copy link
Member

FYI, I closed #219 as a duplicate of this issue. The issue description there was this:

Blockchain applications increasingly use the EdDSA signature scheme combined with SHA-512 and Curve25519 (Ed25519). This ticket is a support request to add the scheme and curve in the webcrypto spec.

@lucacasonato
Copy link
Contributor

Want to express positive implementer interest for curve25519 from the Deno team. We have gotten some user feedback requesting it.

@RangerMauve
Copy link

This would be very useful for a lot of peer to peer systems that are coming out.

@twiss
Copy link
Member

twiss commented Sep 13, 2021

Just to repeat what I wrote in #280 (comment), I've reached out to the browser vendors regarding Curve25519 and Curve448, and have gotten enough positive signals to justify moving forward with this, so I'll put together a proposal, present it to the WICG, and hopefully then it can get implemented and merged into this spec eventually.

@twiss
Copy link
Member

twiss commented Dec 6, 2021

There is now a draft spec for Curve25519 and Curve448 in Web Crypto, here: https://twiss.github.io/webcrypto-secure-curves/.

There is also an explainer (based on a previous proposal by Qingsi Wang to include Curve25519 in WebCrypto).

I've posted to the WICG about it here.

@panva, @jasnell, @lucacasonato, @littledivy, and anyone else who's interested, it would be great if you could take a look at it, and let me know if you have any feedback, either there or here.

@panva
Copy link
Member

panva commented Dec 6, 2021

@twiss had a quick look.

The are numerous occurrences of Let algorithm be a new EcKeyAlgorithm, shouldn't those be Let algorithm be a new KeyAlgorithm instead?

@twiss
Copy link
Member

twiss commented Dec 6, 2021

@panva Yep, you're right. Fixed, thanks!

@panva
Copy link
Member

panva commented Jan 27, 2022

@twiss what are the next steps for https://twiss.github.io/webcrypto-secure-curves?

@twiss
Copy link
Member

twiss commented Jan 27, 2022

Hey @panva 👋 I've looked a bit more into the WICG process and it turns out they're transitioning from Discourse to GitHub. So I've created an issue for this proposal here: WICG/proposals#46. Hopefully we'll get some more engagement from the browsers there 😊

Then, the goal is to hopefully move the repo to the WICG GitHub org, and once it has seen some adoption, merge it into the main spec here.

@twiss
Copy link
Member

twiss commented Jun 16, 2022

Just posting another update here, or rather two: the draft has been moved to WICG/webcrypto-secure-curves, and the new charter of the Web Application Security Working Group has been adopted, which says that "the WG may adopt well-supported proposals from incubation for maintenance of the Web Cryptography API". I've posted to the WebAppSec mailing list here to hopefully get some feedback and/or get the draft to be "well-supported" :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

6 participants