LeaderSSL Support: offline:
Mo - Fr 9:00 - 18:00 CET time
Customer service Billing:

Monday — Friday:
9:00 - 18:00 CET time

Technical Support:

Monday — Friday:
9:00 - 18:00 CET time

Ordering system/certificate issuance:

24/7

LeaderTelecom B.V. is VAT-registered with the UK’s HM Revenue and Customs (HMRC) and has a UK VAT number (GB373878249) , so we can charge UK VAT as normal. All invoices for UK customers now include 20% VAT, although still denominated in EUR as the company’s tax residency is the Netherlands.

  1. Help
  2. SSL Help
  3. What is ECC and why you should use it?

You ask — we answer!

What is ECC and why you should use it?

SSL-certificates most commonly use RSA-keys, and the recommended size of the keys is constantly growing (for example, from 1024 bits to 2048 bits for the last few years), which is associated with the maintenance of sufficient cryptographic strength. Both types of keys are based on the use of asymmetric algorithms (one key for encryption and one key for decryption).

However, ECC brings the same level of cryptographic strength, while keeping the keys much smaller, what allows to increase security and reducing the computational requirements. Let's look at what ECC is, and why you should consider using it.

What is ECC?

ECC (Elliptic Curve Cryptography) - a method of public key cryptography based on the use of elliptic curves over finite fields. The most important difference in ECC from RSA is the key size compared with the cryptographic resistance. ECC provides the same cryptographic strength as the RSA-system, but with much smaller keys. For example, a 256-bit ECC key is the same as 3072-bit RSA key (which are 50% longer than the 2048-bit keys used today).

Finally, the most secure symmetric algorithms used in TLS (for example, AES) uses a minimum of 128-bit keys, so that the transition to asymmetric keys seems very reasonable.

Why you should move to the ECC?

The small size of the keys makes the ECC an ideal choice for devices with limited storage or data processing resources, which are increasingly common in the field of IoT.  In the context of server-side technologies, the small size of the keys can speed up the SSL handshake, which results in extremely fast page loading and greater security.

Today, ECC certificates are issued by Symantec and Comodo. If you need an ECC certificate, you must generate a special request. For Comodo generation of Elliptical Curve CSR’s requires OpenSSL 1.x or later, and is as follows

1). Create a configuration file Elliptic Curve Parameters.

$ openssl ecparam -name prime256v1 -out ecparams.pem

2). Create a CSR:

$ openssl req -new -sha256 -nodes -newkey ec:ecparams.pem -keyout my_ecc.key -out my_ecc.csr

Note: Issue of ECC certificates is only possible if you have not started the validation process. So be sure to inform us in advance by email that you require an ECC certificate! 


#ecc #symantec ssl #comodo ssl

Still have questions? Write to us!

I Accept

By entering your email, you confirm that you have read and accepted the website Terms and Conditions, Privacy Policy, and Money-back Policy.

>