HOWTO: Elliptic Curve Cryptography support in Rebex SSH and Rebex TLS/SSL
Introduction
Elliptic Curve Cryptography (ECC) is an attractive alternative to classic public-key algorithms based on modular exponentiation. Compared to algorithms such as RSA, DSA or Diffie-Hellman, elliptic curve cryptography offers equivalent security with smaller key sizes.
Built-in support for ECC algorithms in Microsoft Windows and .NET Framework used to be very limited. Before Windows 10, the OS only supported Elliptic Curve DSA (ECDSA) and Elliptic Curve Diffie-Hellman (ECDH) based on the NIST P-256, P-384 and P-521 curves. Additionally, the MS CNG API implementation of ECDH was not quite suitable for SSH due to its lack of support for compatible shared secret padding methods. On top of this, there used to be a bug in the MS CNG implementation of ECDH related to handling of shared secret padding, which can occasionally lead to TLS/SSL negotiation failures on old systems.
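To make the padding point above concrete, here is an added example (not Rebex code, and written in Python rather than C# so it runs without the Rebex assemblies): it encodes the same ECDH x-coordinate the way TLS 1.2 (RFC 8422, fixed-length octet string) and SSH (RFC 5656, mpint) each expect, and checks when a fixed-width secret of the kind CNG produces can be reused for SSH unchanged. The sample x-coordinates are constructed values, not real key exchange output.

```python
# Added example (not Rebex code): protocol-specific encoding of an ECDH shared
# secret. TLS 1.2 (RFC 8422) uses the x-coordinate left-padded with zeros to the
# full field size; SSH (RFC 5656) hashes the shared secret K as an SSH mpint,
# whose minimal two's-complement magnitude strips leading zeros and prepends
# 0x00 when the top bit is set. A fixed-width secret therefore matches TLS but
# only sometimes matches what SSH needs.

def tls_premaster_secret(x_coordinate: int, field_bytes: int) -> bytes:
    """TLS 1.2 / RFC 8422: x-coordinate as a fixed-length big-endian string."""
    return x_coordinate.to_bytes(field_bytes, "big")

def ssh_mpint(value: int) -> bytes:
    """SSH mpint (RFC 4251): 4-byte length + minimal two's-complement magnitude."""
    if value == 0:
        return b"\x00\x00\x00\x00"
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:  # keep the number positive
        raw = b"\x00" + raw
    return len(raw).to_bytes(4, "big") + raw

def naive_mpint_from_fixed_width(secret: bytes) -> bytes:
    """What goes wrong if a fixed-width secret is wrapped in an mpint length
    prefix as-is: leading zeros are kept and the sign byte is never added."""
    return len(secret).to_bytes(4, "big") + secret

def encodings_agree(x_coordinate: int, field_bytes: int) -> bool:
    """True only when the naive fixed-width wrapping equals the real SSH mpint."""
    fixed = tls_premaster_secret(x_coordinate, field_bytes)
    return ssh_mpint(x_coordinate) == naive_mpint_from_fixed_width(fixed)

# Constructed sample x-coordinates for a 32-byte field (P-256 size).
FIELD_BYTES = 32
X_PLAIN = int.from_bytes(b"\x5a" + b"\x33" * 31, "big")           # top byte 0x01..0x7f
X_LEADING_ZERO = int.from_bytes(b"\x00\x7f" + b"\x11" * 30, "big")  # top byte zero
X_HIGH_BIT = int.from_bytes(b"\x9a" + b"\x22" * 31, "big")        # top bit set

if __name__ == "__main__":
    for name, x in (("plain", X_PLAIN), ("leading zero", X_LEADING_ZERO), ("high bit", X_HIGH_BIT)):
        print(f"{name:13s} TLS len={len(tls_premaster_secret(x, FIELD_BYTES))} "
              f"SSH mpint len={len(ssh_mpint(x)) - 4} agree={encodings_agree(x, FIELD_BYTES)}")
```

The two encodings coincide only when the top byte of the x-coordinate is nonzero and below 0x80, which is why a wrapper has to re-encode the raw secret per protocol instead of passing it through.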
Supported algorithms
Due to the limitations mentioned above, Rebex components do not support all ECC algorithms out-of-the-box on all platforms. However, algorithms not provided by the OS or .NET can be easily enabled using an external plugin. The following tables list the components covered and, for each protocol, both natively-supported algorithms and those that require a plugin:
Protocol | Components |
---|---|
TLS/SSL (client side and server side) | Rebex HTTPS, Rebex FTP/SSL, Rebex WebSocket, Rebex IMAP (part of Rebex Secure Mail), Rebex EWS (part of Rebex Secure Mail), Rebex POP3 (part of Rebex Secure Mail), Rebex SMTP (part of Rebex Secure Mail), Rebex Telnet/SSL (part of Terminal Emulation) |
SSH (client-side) | Rebex SFTP, Rebex SCP (part of Rebex SFTP), Rebex SSH Shell (part of Terminal Emulation) |
SSH (server-side) | Rebex File Server |

Protocol | Support | Elliptic curve algorithm | Platforms |
---|---|---|---|
TLS/SSL (client side and server side) | Built-in | ECDSA with NIST P-256/P-384/P-521 curves | Windows Vista (or higher), Windows Embedded Compact 2013, Linux (via .NET Core >=2.1) |
TLS/SSL (client side and server side) | Built-in | ECDSA with Brainpool P-256 R1, P-384 R1 and P-512 R1 curves | Windows 10/11 and Windows Server 2016 (or higher), Linux (via .NET Core >=2.1 when available) |
TLS/SSL (client side and server side) | Built-in | ECDH with NIST P-256/P-384/P-521 curves in TLS 1.2 | Windows 7 (or higher), Windows Server 2008 R2 (or higher), Linux (via .NET Core >=2.1) |
TLS/SSL (client side and server side) | Built-in | ECDH with NIST P-256/P-384/P-521 curves in TLS 1.3/1.1/1.0 | Windows Vista (or higher), Windows Server 2008 R1 (or higher), Windows Embedded Compact 2013, Linux (via .NET Core >=2.1) |
TLS/SSL (client side and server side) | Built-in | ECDH with Brainpool P-256 R1, P-384 R1 and P-512 R1 curves | Windows 10/11 and Windows Server 2016 (or higher), Linux (via .NET Core >=2.1 when available) |
TLS/SSL (client side and server side) | Built-in | ECDH with Curve25519 | Windows 10/11 and Windows Server 2016 (or higher) |
TLS/SSL (client side and server side) | With external plugins | ECDSA with NIST P-256/P-384/P-521 curves | All platforms |
TLS/SSL (client side and server side) | With external plugins | ECDH with NIST P-256/P-384/P-521 curves | All platforms |
TLS/SSL (client side and server side) | With external plugins | ECDH with Brainpool P-256 R1, P-384 R1 and P-512 R1 curves | All platforms |
TLS/SSL (client side and server side) | With external plugins | ECDH with Curve25519 | All platforms |
SSH (client-side) | Built-in | ECDSA with NIST P-256/P-384/P-521 curves | Windows Vista (or higher), Windows Embedded Compact 2013, Linux (via .NET Core >=2.1) |
SSH (client-side) | Built-in | EdDSA with Ed25519 curve | All platforms |
SSH (client-side) | Built-in | ECDH with NIST P-256/P-384/P-521 curves | Windows Vista (or higher), Windows Embedded Compact 2013, Linux (via .NET Core >=2.1). Note: due to incompatible ECDH shared secret padding handling in MS CNG, negotiation failures may occasionally occur on Windows 8.1 or earlier and are worked around automatically. |
SSH (client-side) | Built-in | ECDH with Curve25519 | Windows 10/11 and Windows Server 2016 (or higher) |
SSH (client-side) | With external plugins | ECDSA with NIST P-256/P-384/P-521 curves | All platforms |
SSH (client-side) | With external plugins | ECDH with NIST P-256/P-384/P-521 curves | All platforms |
SSH (client-side) | With external plugins | ECDH with Curve25519 | All platforms |
SSH (server-side) | Built-in | ECDSA with NIST P-256/P-384/P-521 curves | Windows Vista (or higher), Windows Embedded Compact 2013, Linux (via .NET Core >=2.1) |
SSH (server-side) | Built-in | EdDSA with Ed25519 curve | All platforms |
SSH (server-side) | Built-in | ECDH with NIST P-256/P-384/P-521 curves | Windows 10/11, Windows Server 2016 (or higher), Linux (via .NET Core >=2.1). Note: ECDH is not supported on Windows 8.1 or earlier due to incompatible shared secret padding handling in MS CNG. |
SSH (server-side) | Built-in | ECDH with Curve25519 | Windows 10/11 and Windows Server 2016 (or higher) |
SSH (server-side) | With external plugins | ECDSA with NIST P-256/P-384/P-521 curves | All platforms |
SSH (server-side) | With external plugins | ECDH with NIST P-256/P-384/P-521 curves | All platforms |
SSH (server-side) | With external plugins | ECDH with Curve25519 | All platforms |
Enabling external ECC plugins
To make it simple to enable ECC support in Rebex components, we provide a set of plugins based on various open-source libraries. For more information, licensing details and supported platforms, visit the Simple Elliptic Curve Libraries page.
The compiled plugins are available for download: RebexEllipticCurvePlugins.zip
To register and enable these plugins, reference the DLLs from the ZIP file suitable for your platform and add the following code:
C#

```csharp
using Rebex.Security.Cryptography;

...

// register NIST and Brainpool curves
AsymmetricKeyAlgorithm.Register(EllipticCurveAlgorithm.Create);

// register Curve25519
AsymmetricKeyAlgorithm.Register(Curve25519.Create);

// register Ed25519
AsymmetricKeyAlgorithm.Register(Ed25519.Create);
```

VB.NET

```vbnet
Imports Rebex.Security.Cryptography

...

' register NIST and Brainpool curves
AsymmetricKeyAlgorithm.Register(AddressOf EllipticCurveAlgorithm.Create)

' register Curve25519
AsymmetricKeyAlgorithm.Register(AddressOf Curve25519.Create)

' register Ed25519
AsymmetricKeyAlgorithm.Register(AddressOf Ed25519.Create)
```
The source code is available here: https://github.com/rebexnet/elliptic.