Gero Peters
2014-Apr-07  17:02 UTC
Source code patch (for 6.6p1) adding support for Brainpool Elliptic Curves
Dear all,

maybe it is a little early but the next (stable) version of OpenSSL will support Brainpool Elliptic curves (current beta 1.0.2-beta1 contains support for Brainpool already). Brainpool curves are defined in RFC 5639.

Please find attached a patch file that adds support for Brainpool Elliptic Curves in OpenSSH. Currently, setting the bit size to 256, 384 or 521 selects one of the matching NIST curves - specification of named curves not supported. I added 512, which selects brainpoolP512r1 (canonically). Furthermore, you can specify the nick name of an Elliptic Curve using the -b switch of ssh-keygen. Supported nick names are:

nistp256, nistp384, nistp521

and the Brainpool ones:

brainpoolP256r1, brainpoolP256t1
brainpoolP384r1, brainpoolP384t1
brainpoolP512r1, brainpoolP512t1

Would be nice if someone could review (maybe modify if desired?) the patch and if it is eligible, then adding the stuff would make me (and hopefully others) happy.

Btw, ECDSA host key not touched, i.e. derived from bit size (i.e. always a NIST-thing).

Thx.

[Gero at likemag]
Damien Miller
2014-Apr-08  07:45 UTC
Source code patch (for 6.6p1) adding support for Brainpool Elliptic Curves
On Mon, 7 Apr 2014, Gero Peters wrote:
> Dear all,
>
> maybe it is a little early but the next (stable) version of OpenSSL
> will support Brainpool Elliptic curves (current beta 1.0.2-beta1
> contains support for Brainpool already). Brainpool curves are defined
> in RFC 5639.
>
> Please find attached a patch file that adds support for Brainpool
> Elliptic Curves in OpenSSH. Currently, setting the bit size to 256,
> 384 or 521 selects one of the matching NIST curves - specification of
> named curves not supported. I added 512, which selects brainpoolP512r1
> (canonically). Furthermore, you can specify the nick name of an
> Elliptic Curve using the -b switch of ssh-keygen.

What are the advantages of these curves over curve25519 and its longer bit length cousins?

-d