mbedtls/docs
Gilles Peskine b1940a76ad In TLS, order curves by resource usage, not size
TLS used to prefer larger curves, under the idea that a larger curve has a
higher security strength and is therefore harder to attack. However, brute
force attacks are not a practical concern, so this was not particularly
meaningful. If a curve is considered secure enough to be allowed, then we
might as well use it.

So order curves by resource usage. The exact definition of what this means
is purposefully left open. It may include criteria such as performance and
memory usage. Risk of side channels could be a factor as well, although it
didn't affect the current choice.

The current list happens to exactly correspond to the numbers reported by
one run of the benchmark program for "full handshake/s" on my machine.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-06-17 21:46:29 +02:00
..
3.0-migration-guide.d In TLS, order curves by resource usage, not size 2021-06-17 21:46:29 +02:00
architecture Give examples of PLATFORM_XXX_ALT 2021-06-15 00:14:28 +02:00
proposed Merge pull request #4377 from mpg/psa-pbkdf2-api 2021-05-12 18:00:30 +02:00
.gitignore Add a directory for proposed specifications 2020-07-13 13:27:42 +02:00
3.0-migration-guide.md Rename library/ecp_alt.h to ecp_internal_alt.h 2021-06-15 00:10:37 +02:00
getting_started.md Rename output buffer size macros 2021-01-21 13:17:25 +01:00
PSACryptoDriverModelSpec.pdf Add generated documentation for mbedcrypto-0.1.0b 2018-11-26 17:21:23 +00:00