RSA Security 5 manual Crypto-C procedures to use with algorithm object

AI_ECParamGen

Crypto-C procedures to use with algorithm object:

B_GenerateInit and B_GenerateParameters. B_GenerateParameters sets the resultAlgorithmObject with the parameter information. You must pass an initialized random algorithm to B_GenerateParameters.

Algorithm methods to include in application’s algorithm chooser:

AM_ECFP_PARAM_GEN for odd prime fields and AM_ECF2POLY_PARAM_GEN for even characteristic.

Notes:

Generating an elliptic curve for even characteristic without table lookup (fieldType = FT_F2_ONB or FT_F2_POLYNOMIAL and tableLookup = 0) can be extremely time- consuming, taking several hours in some cases. In general, larger values for minOrderBits mean longer times for curve generation. Therefore, if you wish to generate curves for even characteristic, but do not want to use table lookup, you can speed curve generation by setting a smaller value for minOrderBits. Remember, however, that the size of minOrderBits is directly tied to the security of your elliptic curve cryptosystem. Setting minOrderBits allows you to make a trade-off between the time it takes to generate curves and the security of your system.