Problems With Elliptic Curves In TLS and SSH presented at Anycon 2017

by Joe Testa,

Summary : This presentation examines the elliptic curve parameters standardized by NIST in FIPS 186-2, which are suspected by some as being back-doored by the National Security Agency. Despite being first introduced over 17 years ago, these curve parameters remain highly prevalent, as they are central to both the TLS and SSH protocols. An overview of the history and process of their standardization will be covered, along with a discussion of the NSA’s other successful back doors in NIST’s standards (as revealed by Edward Snowden). Recent developments in new curve parameters will be shown, as will a practical guide aimed at systems administrators for disabling the suspicious curve parameters in TLS and SSH.