Markus Friedl wrote:
On Mon, Aug 04, 2003 at 04:27:08PM -0700, Douglas Stebila wrote:Is anyone looking at the use of elliptic curve cryptography in the SSH protocol? Specifically at either ECDH for key exchange or ECDSA for signatures?not for openssh, since it opens another can of stupid patent problems.
I don't think that patents are a problem (for ECDSA and ECDH) if only curves over GF(p), p prime, are used (see for example: http://grouper.ieee.org/groups/1363/P1363/patents.html). Using curves over GF(2**m) without some features (point compression, onb basis etc.) should be possible as well. Note: Implementing ECDSA and ECDH in OpenSSH shouldn't very difficult as soon as OpenSSL 0.9.8 is released as OpenSSL 0.9.8 will support ecdsa and ecdh. Nils