The situation in information security field is constantly changing. Hack attempts are becoming more and more impudent and complex. Intruders develop elaborate and multistage break-in methods. In this situation remaining up-to-date with progressing technology is a basic and necessary step in digital data protection. That is why Certificate Authorities are always working on developing new solutions and improving existing ones, which allows keeping on-line information security on the highest level. The Public key cryptography and Digital certificates serve to provide a new level of authentication, privacy and personal data transmitting security that cannot be maintained by passphrases and passwords alone.
So far, major key algorithms, RSA and DSA, have experienced a wide application in the Internet security field. And after more than 30 years of success modern ECDSA (Elliptic Curve Digital Signature Algorithm) keys come on the stage.
DSA, RSA and ECDSA: looking back
DSA (Digital Signature Algorithm) is an algorithm for digital signature generation with the means of Private/Public Keys pair. The signature is created secretly but can be identified publicly. This means that only one subject can actually create the signature of the message using the Private Key, but anyone can verify its adequacy having a corresponding Public Key. This algorithm has been offered by the National Institute of Standards and Technology (NIST) back in August 1991 and proclaimed along with SHA-1 hash function as a part of DSS (Digital Signature Standard) in 1994.
RSA (abbreviation of scientist’s last names Ron Rivest, Adi Shamir, and Leonard Adleman), apart from DSA, has become the first cryptosystem applicable for digital signature and data encrypting, even though the idea has been first exposed to light in 1978. RSA algorithm implies three main steps: key pair generation, encryption and decryption. A public key is transmitted over an open channel, while the Private Key remains secret. The data, which is encrypted with the Private Key, can only be decrypted with the Public Key, which is mathematically linked to a Private one. RSA can be used to determine the data source origin.
ECDSA (Elliptic Curve Digital Signature Algorithm) which is based on DSA, a part of Elliptic Curve Cryptography, which is just a mathematical equation on its own. ECDSA is the algorithm, that makes Elliptic Curve Cryptography useful for security. Neal Koblitz and Victor S. Miller independently suggested the use of elliptic curves in cryptography in 1985, and a wide performance was gained in 2004 and 2005. It differs from DSA due to that fact that it is applicable not over the whole numbers of a finite field but to certain points of elliptic curve to define Public/Private Keys pair.
ECC certificates: pros and cons
Being a golden standard by far, RSA key algorithm is the one, which is most widely used in the digital security. However, according to the modern tendency of using mobile and compact devices, ‘pure web performance’ stands up at the head of the whole business. From this perspective the physical size of the key is a predominant question.
DSA and RSA key algorithms require a larger key size and could be defeated by factoring a large number. When it comes to ECDSA, the Elliptic Curve Discrete Logarithm Problem (ECDLP) needs to be solved in order to break the key, and there was no major progress so far to achieve this. Thus ECC certificate provides a better security solution and is more difficult to break using usual hacker’s ‘brute force’ methods.
Shorter key size is definitely among the advantages as well. In the table below we compared RSA and ECDSA Key sizes for a better layout.
| Security strength (bit) | RSA Public Key length (bit) | ECDSA Public Key length (bit) |
|---|---|---|
| 80 | 1024 | 160 |
| 112 | 2048 | 224 |
| 128 | 3072 | 256 |
| 192 | 7680 | 384 |
| 256 | 15360 | 512 |
As seen from the table, in order to establish a 256-bit security connection between a web-client and a web-server a 15360-bit key is used in standard asymmetric RSA algorithm, while an elliptic curve one requires a 512-bit key for the equivalent connection. The shorter the key, the faster it turns around. In order to comply with the increasing cryptographic strength requirements - sizes of keys and signatures grow as well, and so does the time spent on performing a cryptographic operation. It is obvious from the table above that the increase rate is way faster for RSA than for ECC. What mainly goes behind all of the above mentioned is:
All the novelties, and ECC SSL certificates are no exception, take a certain amount of time to be implemented, accepted and supported globally. By far, some old web-browser versions have compatibility issues with ECC certificates. When it comes to modern and up-to-date web clients, there are at least two curves given by NSA suite B that are supported, e.g. the P-256 and P-384.
Below web browsers and operating systems will display the web site with ECC SSL correctly, once it is chained up to the root.
Web client support
| Web client | Minimum version required |
|---|---|
| Mozilla Firefox | 2.0 |
| Google Chrome | 1.0 on ECC compatible OS |
| Microsoft IE | 7 on ECC compatible OS |
| Apple Safari | 4 on ECC compatible OS |
OS support
| OS | Minimum version required |
|---|---|
| Microsoft Windows | Windows Vista Windows 7&8 that reply on OS Root Store and Root Update Mechanism |
| Apple OS | OS X 10.6 |
| Google Android | 4.0 |
| Red Hat Enterprise Linux | 6.5 |
Server support
| Server | Minimum version required |
|---|---|
| Apache HTTP Server | 2.2.26 |
| Nginx | 1.1.0 |
| Windows Server | 2008 |
| Apache Tomcat | 1.1.30 |
| Dovecot | 2.2.5 |
| IBM HTTP Server | 8.0 w/ PM80235 |
| Sun Java System Web Server | 7.0 |
It is worth mentioning that Comodo (now Sectigo) Certificate Authority has created ECC root certificates which are available in web browsers since 2008. Prior to making a decision to go for ECC certificate, it is wise to learn if it is compatible with the web server environment as well. The support by some mobile platforms also requires further testing. Unfortunately, precise information is yet to be available. However, most popular Microsoft and Apache web servers allow the ECC certificate operation. A possible solution is to install SSL certificates with different signature algorithms to support clients capabilities.
As a conclusion, we can say that ECC is, indeed, an improvement in modern cryptography which underlies SSL certificates. Increased performance, attack stability and viable alternative to the existing crypto algorithms are among obvious benefits. However, acknowledging the fact that RSA algorithm is widespread nowadays, we predict a bright and fabulous future for EC Cryptography.
Need help? We're always here for you.