Source code patch (for 6.6p1) adding support for Brainpool Elliptic Curves

Damien Miller djm at
Tue Apr 8 17:45:13 EST 2014

On Mon, 7 Apr 2014, Gero Peters wrote:

> Dear all,
> maybe it is a little early but the next (stable) version of OpenSSL
> will support Brainpool Ellptic curves (current beta 1.0.2-beta1
> contains support for Brainpool already). Brainpool curves are defined
> in RFC 5639.
> Please find attached a patch file that adds support for Brainpool
> Elliptic Curves in OpenSSH. Currently, setting the bit size to 256,
> 384 or 521 selects one of the matching NIST curves - specification of
> named curves not supported. I added 512, which selects brainpoolP512r1
> (canonically). Furthermore, you can specify the nick name of an
> Elliptic Curve using the -b switch of ssh-keygen.

What are the advantages of these curves over curve25519 and it's longer
bit length cousins?


More information about the openssh-unix-dev mailing list