Mbed TLS is now part of TrustedFirmware.org.

ECDH and ECC in PolarSSL

Dec 8, 2009 14:57

Do you plan support in your library ECC cryptography and in particular ECDH
algorithm ?

With Best Regards.
Dec 9, 2009 20:42
Paul Bakker


To give the simple answer: Yes

But it's not going to be supported in the next 3 months.

If you need it within a specific time frame for commercial purposes, you can contact me by mail and maybe we can work something out.

Best regards,
May 23, 2012 14:54


any news about implementation of ecc?

best regards
May 25, 2012 13:03
Paul Bakker

Not done yet and not at the top of our list yet.

I have heard that one of our contributers might be busy finishing up an implementation. I'll check into that!
Nov 11, 2012 19:45
Alex Kvasov

How is ECC progressing?
Nov 12, 2012 11:10
Paul Bakker

ECC algorithms are implemented and work is ongoing to implement the protocol extensions into SSL/TLS.

Before releasing a lot of testing needs to be done.
Dec 21, 2012 02:21


Is it possible to release the ECC releated source code on the GIthub trunk, even if it is not fully tested? Thanks a lot!

Dec 30, 2012 14:56
Paul Bakker

Yes. We will shortly. We currently have two 'competing' implementation branches that we are consolidating. But I expect to have a preliminary branch up in the next two weeks. You may bug me about that :)

Jan 16, 2013 07:16


Is the ECC releated source code ready to branch up on Github? Thanks a lot!

Jan 16, 2013 16:05
Paul Bakker

Pushed the first version online at github:


WARNING: This branch WILL be rebased in the future for cleanups, so keep that in mind!

This branch only contains the bare ECC code, not yet the ciphersuites based on it. They will be added soon.

If you do check it out, please let us know if you run into any issues, have suggestions, see mistakes, miss features, etc..

Aug 1, 2013 04:32

I have compiled OpenVPN with PolatSSL and it does not show ECC ciphers. When will this be implemented?

Aug 2, 2013 10:48
Paul Bakker

You're probably better off asking on the OpenVPN forum..

I know they are not yet supporting the 1.3 development branch. I hope they will do so soon after the first official release. That will be in this month.

Aug 15, 2013 16:14

Would you be able to tell us if version 1.3 will support ECDHE-ECDSA-AES256-GCM-SHA384 cipher suite?

Aug 16, 2013 12:26
Paul Bakker

99% certainty: Yes..

(All the basic parts are there. We just have to couple it all together..)

Based on our current progress wrapping up for 1.3.0: Yes..

Aug 28, 2013 15:00
Paul Bakker

Although not fully stable yet (there might be some changes in the API), we have just pushed our new development branch on github.

This supports the ECDHE-ECDSA-AES256-GCM-SHA384 ciphersuite..