Elliptical Curve Cryptography

Cerberus FTP Server now supports Elliptic Curve Cryptography (ECC). ECC is a new approach to public key cryptography. Compared to traditional crypto systems like RSA, ECC offers equivalent security with smaller key sizes. This allows ECC to use drastically smaller keys to provide the equivalent security of RSA or Diffie-Hellman keys; a 160-bit ECC key is equivalent to a 1024-bit RSA key. The result is faster computations, lower power consumption, as well as memory and bandwidth savings. ECC is shaping up to be the new standard in future cryptographic systems. Cerberus FTP Server supports both ECC key pairs and ECC ciphers for key agreement and authentication.

Comparing ECC to RSA and Diffie-Helman

ECC’s efficiency and security is considered strong enough that the US National Security Agency (NSA) included it, while excluding RSA, from its Suite B cryptography recommendations. Suite B is a set of algorithms that the NSA recommends for use in protecting both classified and unclassified US government information and systems.

One of the ways judgments are made about the correct key size for a public key system is to look at the strength of the conventional (symmetric) encryption algorithms that the public key algorithm uses to key or authenticate. The following table gives the key sizes recommended by the National Institute of Standards and Technology (NIST) to protect keys used in conventional encryption algorithms like the DES and AES together with the key sizes for RSA, Diffie-Hellman and elliptic curves that are needed to provide equivalent security.

 

Symmetric Key Size (bits)	RSA and Diffie-Hellman Key Size (bits)	Elliptic Curve Key Size (bits)
80	1024	160
112	2048	224
128	3072	256
192	7680	384
256	15360	521
Table 1: NIST Recommended Key Sizes (from NSA’s “The Case for Elliptic Curve Cryptography“)

As symmetric key sizes increase the required key sizes for RSA and Diffie-Hellman increase at a much faster rate than the required key sizes for elliptic curve cryptographic systems. Elliptic curve systems offer more security per bit increase in key size than either RSA or Diffie-Hellman public key systems.

Elliptic curve cryptographic systems are also more computationally efficient than the first generation public key systems, RSA and Diffie-Hellman. Although elliptic curve arithmetic is slightly more complex per bit than either RSA or DH arithmetic, the added strength per bit more than makes up for any extra compute time. The following table shows the ratio of DH computation versus EC computation for each of the key sizes listed in Table 1.

 

Security Level (bits)	Ratio of DH Cost : EC Cost
80	3:1
112	6:1
128	10:1
192	32:1
256	64:1
Table 2: Relative Computation Costs of Diffie-Hellman and Elliptic Curves

Elliptic curve cryptography support is still in its infancy but its use will only grow in the coming years. You can try it now using Cerberus FTP Server 6.0 or higher.

How to get ECC support in Cerberus FTP Server

ECC cryptography for FTPS and HTTPS is only supported in Cerberus FTP Server 6.0 and higher.

SSH SFTP Elliptical Curve Key Exchange is supported in Cerberus FTP Server 4.0.9 and higher. Version 4.0.9 and higher support Elliptic Curve Diffie-Hellman (ECDH) key agreement, Elliptic Curve Digital Signature Algorithm (ECDSA), and elliptic curve public keys for SSH SFTP as specified in RFC 5656. Only the required NIST curves at 256, 384, and 521 bits with uncompressed points are currently supported.

You can find the latest release of Cerberus FTP Server on our downloads page.