wolfSSL 4.4.0 introduces new high security elliptic curve algorithms: X448 and Ed448. These algorithms are specified for TLS – RFC 8446 and RFC 8442 – and in NIST drafts FIPS 186-5 and SP 800-186.
These high security algorithms are not only fast but also small – 10KB for the optimised X448 C code on Intel x64! And it’s faster than OpenSSL:
| Algorithm | Operation | wolfSSL C | OpenSSL 1.1.1c |
|---|---|---|---|
| ECDH X448 | Key Gen | 6409 | |
| ECDH X448 | Key Agree | 6449 | 2635 |
| ECDSA ED448 | Sign | 14591 | 4339 |
| ECDSA ED448 | Verify | 5290 | 2388 |
wolfSSL is nearly two and half times faster than OpenSSL when performing key agreement, three and a third times faster for signing and over two times faster when verifying!
Curve448 is great choice for applications where code size matters; especially compared to P-384:
| Algorithm | Operation | wolfSSL C Curve448 | wolfSSL C P-384 | OpenSSL 1.1.1c P-384 |
|---|---|---|---|---|
| ECDH X448 | Key Gen | 6409 | 8505 | |
| ECDH X448 | Key Agree | 6449 | 3121 | 1455 |
| ECDSA ED448 | Sign | 14591 | 4339 | 1391 |
| ECDSA ED448 | Verify | 5290 | 2388 | 1842 |
Curve448 can be used in TLS 1.2 and 1.3 for key exchange and certificates.
Do you need higher security or is code size important? Then you must consider using X448 and Ed448 for your public key operations from wolfSSL!
If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.