Hi Ankita
This decision was likely made due to security concerns, as
elliptic curves with smaller bit sizes (such as 160 bits) are
considered vulnerable to modern computational power and
cryptographic attacks. A 160-bit key provides relatively weak
security, which has led to the recommendation of using stronger
curves for robust cryptographic protection. The Mbed TLS team
can confirm this reasoning though.
In Trusted Firmware-A (TF-A), we primarily use P-256 by default
for its good balance between security and performance. For
enhanced security, we opt for P-384 to provide a higher level of
protection where needed.
I hope this helps.
Regards,
Manish Badarkhe
Hi Team,
I am working on an embedded security
project and exploring ECC support in MbedTLS 3.6.2. I would like
to confirm whether the MbedTLS supports ECC-160 i.e. Elliptic
Curve Cryptography with a 160 bit key size, in the latest
version or any earlier versions.
Looking forward to your response.
Thanks and regards,
Ankita Hatmode
-------------------------------------------------------------------------------------------------------------------------
Disclaimer: This
email message including any attachments is confidential, and may
be privileged and proprietary to Agiliad. If you are not the
intended recipient, please notify us immediately by replying to
this message and destroy all copies of this message including
any attachments. You are NOT authorized to read, print, retain,
copy, disseminate, distribute, or use this message or any part
thereof. Thank you.
------------------------------------------------------------------------------------------------------------------------