RFC 7748: Elliptic Curves for Security
https://datatracker.ietf.org/doc/html/rfc7748
SafeCurves: choosing safe curves for elliptic-curve cryptography
https://safecurves.cr.yp.to/
But until OpenVPN 2.5.7, OpenVPN supports none of them:
Code: Select all
secp224r1
secp256k1
secp384r1
secp521r1
prime256v1
Code: Select all
openssl list -key-exchange-algorithms
Code: Select all
{ 1.2.840.113549.1.3.1, DH, dhKeyAgreement } @ default
{ 1.3.101.110, X25519 } @ default
{ 1.3.101.111, X448 } @ default
ECDH @ default
TLS1-PRF @ default
HKDF @ default
{ 1.3.6.1.4.1.11591.4.11, id-scrypt, SCRYPT } @ default