Undo deprecation of brainpool EC
benjamin.marwell at f-i.de
benjamin.marwell at f-i.de
Mon Nov 14 08:36:42 UTC 2022
Hello everyone!
To our surprise, brainpool EC have been deprecated with Java 14+ [1].
However, JDK-8234924 [1] does not add any information on WHY they would have been deprecated.
In fact, neither NIST (USA) nor BSI (Germany) list them as deprecated.
On the contrary, both institutions list them as an acceptable cipher.
As a matter of fact, the deprecation notice seem to have originated by bad wording.
Please read this quote from Manfred Lochter, how works at the BSI:
> The unfortunate wording about the brainpool curves originated in TLS 1.3,
> however RFC 8734 makes the curves usable for TLS again.
> We will continue to recommend the Brainpool curves.
> It should also be noted that the arguments for the "modern formulas" have all been refuted by now.
> Especially the implementation of Curve 25519 requires more effort to protect against SCA;
> the deterministic signatures are vulnerable to fault injection.
> In the medium term, however, the switch to post-quantum cryptography is necessary;
> there are comprehensive recommendations on this at [2]
Now, european banking and health industry still do rely heavily on brainpool curves.
Given all these facts, I hereby request to undo the depracation of brainpool EC in OpenJDK.
Please let me know what lead to the assumption that brainpool ciphers were deprecated.
Neither NIST nor BSI seems to be the source. Given all the facts, it should still be included.
References:
[1]: https://bugs.openjdk.org/browse/JDK-8234924
[2]: https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisationen/Informationen-und-Empfehlungen/Quantentechnologien-und-Post-Quanten-Kryptografie/quantentechnologien-und-post-quanten-kryptografie_node.html
Mit freundlichen Grüßen
Benjamin Marwell
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5591 bytes
Desc: not available
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20221114/d5a3ed55/smime.p7s>
More information about the security-dev
mailing list