Conceptual feedback on new ECC JEP
Xuelei Fan
xuelei.fan at oracle.com
Tue Sep 25 16:06:44 UTC 2018
On 9/25/2018 8:34 AM, Adam Petcher wrote:
> Yes, it is possible, at the expense of some assurance related to
> security against side-channel attacks. This interoperable implementation
> will be available by default in SunEC. A higher-assurance form of the
> same implementation will be available in the new provider. The
> additional effort required to put this implementation in both providers
> is expected to be relatively small.
Can we have the same security level impl in SunEC in some circumstances?
For example, when the key is not imported for the 4 named curves.
Using a new provider means we force applications to choose between weak
and interop, just because we cannot provide both at the same time.
Thanks,
Xuelei
More information about the security-dev
mailing list