Using Elliptic Curve Cryptography

You can control both the priority ordering and range of Elliptic Curves used to negotiate with connecting peers when establishing connections using ECDHE or ECDH cipher suites.

Important: If you are using any identity or Certificate Authority (CA) certificate that contains an ECC public key. The ECC curve used for that key must be specified in the ECC curve collection field in a listener's SSL options (I601) or the MF Directory Server tab (e041).

If the key's ECC curve is not present, no Elliptic Curve Digital Signature Algorithm (ECDSA) cipher suite connections can be established. Any certificate bearing an unconfigured or misconfigured ECC curve is treated as untrusted because its ECC curve is unknown to the system.

In a dual certificate configuration and if the connecting client is not configured for ECDSA only then the RSA identity certificate and any issuing CA chain might still establish a listening endpoint using the alternative certificate and RSA key. In these circumstances ECDHE-RSA or ECDH-RSA cipher suites are used.

When listing ECC curves, the priority order is read from left to right with the highest priority on the left. Any combination of spaces, commas, and semicolons can be used as separators for ECC curves. By default, the following ECC curve collection is used:

secp521r1;secp384r1;prime256v1;secp256k1;secp224r1;secp224k1;prime192v1

You can specify your preferred ECC curve collection in the ECC curve collection field. If ECC curves are duplicated in the list, the first example encountered sets its priority position. All subsequent duplicates are ignored. For example, secp521r1 is the highest priority ECC curve. While secp256k1 is the fourth highest priority curve despite also being found at position ten in the list:

secp521r1;secp384r1;prime256v1,secp256k1,secp224r1;secp224k1;secp521r1;secp384r1;prime256v1;secp256k1;secp224r1;secp224k1;prime192v1

Any specified curve collection replaces the default collection. If no configuration is specified, the default ECC curve collection is the ECC curve collection listed above. The priority order is determined by the cryptographic service provider.

Note: The default collection of elliptic curves is suitable for most users.

Micro Focus recommends you use the following supported ECC Prime Curves:

Note: Only ECC Prime Curves are supported.

brainpoolP512r1
brainpoolP384r1
brainpoolP256r1
secp521r1
secp384r1
secp256r1
secp256k1
secp224r1
secp224k1
secp192r1

Note: secp256r1 is synonymous and interchangeable with prime256v1. Also, secp192r1 is synonymous and interchangeable with prime192v1.

To optimize the ECC curve collection to have the highest level of security while providing the greatest level of compatibility with clients, Micro Focus recommends you specify the following ECC curve collection:

secp521r1;brainpoolP512r1;brainpoolP384r1;brainpoolP256r1;secp384r1;prime256v1;secp256k1;secp224k1;secp224r1;prime192v1

Micro Focus recommends you avoid using the following ECC Prime Curves which are now considered insecure:

secp192k1
secp160r2
secp160r1
secp160k1