Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8148516

Increase the minimum strength of EC keys

    XMLWordPrintable

Details

    • b127
    • Verified

    Backports

      Description

        Per NIST SP 800-57, EC curves less than 224 should be disallowed since 2013, and curves less than 256 should be disallowed since 2030.

        As EC usage in TLS is relative new, almost all TLS implementations default to the NIST P-256 or stronger curves. Disable curves less than 256 bits should cause no issues.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8167875 Increase the minimum strength of EC keys

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8169147 Increase the minimum strength of EC keys

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8175450 Increase the minimum strength of EC keys

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved
            relates to

            Bug - A problem which impairs or prevents the functions of the product. JDK-8161232 AsyncSSLSocketClose.java test fails timeout.

            • P3 - Major loss of function.
            • Resolved

            Bug - A problem which impairs or prevents the functions of the product. JDK-8177071 typo in test DisabledAlgorithms.java

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Bug - A problem which impairs or prevents the functions of the product. JDK-8166362 [TEST_BUG] test sun/net/www/http/HttpClient/B8025710.java failing with cert error in 8u121 b01

            • P3 - Major loss of function.
            • Resolved

            Bug - A problem which impairs or prevents the functions of the product. JDK-8173783 IllegalArgumentException: jdk.tls.namedGroups

            • P1 - Blocks development and/or testing work, production could not run.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8167472 Chrome interop regression with JDK-8148516

            • P2 - Crashes, loss of data, severe memory leak.
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. JDK-8176479 javax.net.ssl.SSLHandshakeException: Unsupported curveId: 21

            • P3 - Major loss of function.
            • Closed

            Activity

              People

                vtheeyarath Vivek Theeyarath (Inactive)
                xuelei Xuelei Fan
                Votes:
                0 Vote for this issue
                Watchers:
                11 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: