Elliptic Curve Cryptography
Elliptic Curve Cryptography is a form of public-key cryptosystem.
Compared to currently prevalent cryptosystems, ECC offers equivalent security with smaller key size. This results in conservation of power, memory, bandwidth, and the resultant computational cost.
Starting with Avi Vantage 21.1.1, Avi Vantage supports configuring Elliptic Curve Cryptography (ECC) Cipher Suites in an SSL profile.
Configuring EC Named Curve
The following named curves or groups are supported for virtual services:
- secp256r1 (23)
- secp384r1 (24)
- secp521r1 (25)
To configure the EC Named curve, Named Curve (TLS Supported Groups) in SSL Profile configuration, the field configure
ec_named_curve is introduced.
By default this field is set to auto as shown below:
show sslprofile System-Standard
This implies that the secp256r1 (23), secp384r1 (24) and secp521r1 (25) curve group is supported by default.
Configure x25519 and x448 as shown below:
configure sslprofile System-Standard sslprofile> ec_named_curve P-256:X25519:X448 Overwriting the previously entered value for ec_named_curve sslprofile>save
Document Revision History
|August 06, 2021||Created the article for Elliptic Curve Cryptography (Version 21.1)|