
Which EC ciphers should be selected to avoid the secp160k1 curve, as it is the weaker one?

I am using JDK 1.8 with SunEC as the JCA provider.

user1493834
  • I'm voting to close this question as off-topic because this user asked the same here: http://security.stackexchange.com/questions/138111/restrict-eliptic-curve-in-sun-jsse-jdk-1-8 and it is better there. – jmingov Sep 28 '16 at 20:26
  • @jmingov It seems like a better fit here. The JCA has mechanisms to disable certain algorithms and restrict key lengths that are specific to the runtime, not generally relevant to security or cryptography. I would close the other one. – erickson Sep 28 '16 at 20:50
  • @erickson ok mate, you're the boss :p let's try to close the other one. br – jmingov Sep 28 '16 at 20:58
  • Done @erickson and thank you for the input. – jmingov Sep 28 '16 at 21:07
  • @jmingov Thank you – erickson Sep 28 '16 at 21:09

1 Answer


In some contexts, algorithms and key sizes can be restricted using the java.security file in the JRE, but there isn't a way to restrict EC curves using that method.

However, by specifying the curves you permit when you generate your keys, you are effectively restricting key agreement to those curves. If a particular curve is not permitted, you shouldn't have a key pair to support it.

erickson
  • I am looking for that configuration option: how do I specify the curves that are allowed or not allowed? I tried jdk.tls.disabledAlgorithms=EC keysize < 112, but that did not help. – user1493834 Sep 29 '16 at 04:50
  • @user1493834 Sorry, I overlooked the "JSSE" outside of the question body, and was thinking about using `KeyAgreement` directly. It's not possible to deny a particular curve through the `java.security` file, but it should be possible to require longer keys. But the actual key size, in bits, must be specified, not the effective strength. So for EC keys, you should specify 224, not 112, if you want to disable all 160-bit keys. If you have a chance, please give that a try. If I have time to set up a test server or find one online, I will experiment. – erickson Sep 29 '16 at 14:47
  • That configuration did not work on Tomcat 8.0.x, i.e. the server still supports weaker curves of size 162, but I verified the same set of ciphers in Tomcat 8.5.5 with the same JDK 1.8 and the same self-signed cert. I can see it honors only stronger curves, 256 and above. I am yet to find the solution. – user1493834 Oct 03 '16 at 05:46
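As an added example (not code from the question, the answer, or the JDK), the following puts the two approaches from this thread side by side: generating key pairs only on explicitly named curves, and applying the `EC keySize < 224` constraint from the comments to the TLS stack. The curve allowlist is a constructed assumption; the page names no particular set of permitted curves, and the constraint is appended to the existing `jdk.tls.disabledAlgorithms` value rather than replacing it, so the JDK's default entries stay in force.

```java
import java.security.*;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;

public class EcCurvePolicy {
    // Field size in bits (224), not the 112-bit effective strength,
    // which is the distinction made in the comments above.
    static final int MIN_EC_BITS = 224;

    // Constructed allowlist for this example; the thread names no such list.
    static final String[] PERMITTED_CURVES = {"secp256r1", "secp384r1", "secp521r1"};

    /** Generate a key pair on one named curve (the answer's approach). */
    static KeyPair generate(String curveName) throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", "SunEC");
        kpg.initialize(new ECGenParameterSpec(curveName));
        return kpg.generateKeyPair();
    }

    /** True when the key's curve is at least MIN_EC_BITS wide. */
    static boolean meetsMinimumSize(PublicKey key) {
        if (!(key instanceof ECPublicKey)) return false;
        int bits = ((ECPublicKey) key).getParams().getCurve().getField().getFieldSize();
        return bits >= MIN_EC_BITS;
    }

    /** Append the EC key-size constraint without dropping the JDK defaults. */
    static void restrictTlsEcKeySize() {
        String current = Security.getProperty("jdk.tls.disabledAlgorithms");
        String rule = "EC keySize < " + MIN_EC_BITS;
        String merged = (current == null || current.isEmpty()) ? rule : current + ", " + rule;
        // Must run before the first SSLContext is initialised to take effect.
        Security.setProperty("jdk.tls.disabledAlgorithms", merged);
    }

    public static void main(String[] args) throws Exception {
        restrictTlsEcKeySize();
        System.out.println("jdk.tls.disabledAlgorithms = "
                + Security.getProperty("jdk.tls.disabledAlgorithms"));
        for (String curve : PERMITTED_CURVES) {
            KeyPair kp = generate(curve);
            System.out.println(curve + " passes size check: " + meetsMinimumSize(kp.getPublic()));
        }
        // A 160-bit curve fails the same check if the provider still offers it.
        try {
            KeyPair weak = generate("secp160k1");
            System.out.println("secp160k1 passes size check: " + meetsMinimumSize(weak.getPublic()));
        } catch (InvalidAlgorithmParameterException e) {
            System.out.println("secp160k1 is not supported by this SunEC build");
        }
    }
}
```

The size check on `ECPublicKey` is useful for auditing a keystore before deployment: any EC key whose curve field is below 224 bits would also be rejected by the `jdk.tls.disabledAlgorithms` constraint, so finding such keys ahead of time explains why a server keeps offering a weaker curve.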