powered by Jive Software

Plans to Implement ECC (Elliptical Curve Cryptography)

Elliptical Curve Cryptography would benefit OpenFire since a 512 bit ECC cert is supposedly equivalent to a 15386 bit RSA cert. I know it’s intended for mobile devices due to the lower calculating power required for the equivalent security but I don’t see why it cannot be implemented for ultra-secure chat. Of course, no Certificate Authorities are signing ECC certs…AFAIK?

Still, I’m interested in implementing ECC into OpenFire/Spark but I wanted to see if there were plans for this already. I’ve looked into this a little and it seems that Java 7 “supports” ECC but only in a limited fashion. I’ve seen people recommend the BouncyCastle library, which I believe OpenFire already uses? So it “seems” like it should not be too hard to implement. No?

I haven’t heard about plans, nor have seen a ticket in the bug tracker about implementing ECC.

Granted this has been a long-dormant question, but now that 2048 bit RSA certs are becoming old news, 4096 bit is just about the standard and now that Let’s Encrypt’s ACMEv2 API will let you generate an ECC certificate (including wildcards) for free, I’m super-interested in using one for Openfire/Spark to help lower the calculations needed vs RSA…