Would it be a good idea to use x448 only for maximum security?

Domains: Whonix, Kicksecure

Nginx configuration: ssl_ecdh_curve X448;

As per the SSL Labs key exchange table, they only consider 4096 bits (equivalent RSA/DH key size) and above to be secure (100% score), which means only secp384r1 and secp521r1 must be used.

What's your insights about this subject?

Thanks!

Supporting X448 is fine, but the vast majority of the world is using X25519. There’s no security reason not to use X25519 for key exchange except for post-quantum threats, which X448 isn’t going to help too much with.

If you’re interested in high security, you should ensure you have post-quantum key exchange support, like X25519+ML-KEM-768.


Thanks a lot for the answer.

Yeah, what you said is correct. I’ll share with you some LulzSec stuff regarding my journey with this topic:

  • I tried to make a website using only X448 = Error code: SSL_ERROR_NO_CYPHER_OVERLAP on both Firefox and Chromium-based browsers.
  • OK, I want to use a hybrid X25519 key = OQS package not available in Debian stable or even trixie, the next stable release (unless using git clone or sid, which is not ideal on a Debian server…).
  • Is there even a pure PQC key supported by any browser? = Nope.

So yeah, a lot of lulzsec still in the internet infrastructure.

Appreciated :rose:

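As an added example (not from this thread, and not the Whonix or Kicksecure configuration), here is the X448-only nginx directive from the first post beside a setting that keeps browser compatibility and adds the hybrid post-quantum group the reply recommends. It assumes nginx is linked against OpenSSL 3.5 or newer, where the hybrid group is registered under the name X25519MLKEM768; with an older OpenSSL that token is unknown, nginx refuses to start, and the directive should simply lead with X25519.

```nginx
# Weak setting (the one tried in the thread): X448 only.
# Firefox and Chromium do not offer X448 in supported_groups, so no
# key-exchange group is shared and the handshake aborts with
# SSL_ERROR_NO_CYPHER_OVERLAP.
# ssl_ecdh_curve X448;

# Corrected setting: hybrid post-quantum group first, then X25519 (offered
# by nearly every client), secp384r1 as a NIST fallback, X448 last for the
# few clients that support it. X25519MLKEM768 is a TLS 1.3-only group and
# needs OpenSSL >= 3.5 (assumption: nginx built against it).
ssl_ecdh_curve X25519MLKEM768:X25519:secp384r1:X448;
ssl_protocols TLSv1.3 TLSv1.2;
```

After reloading, confirm what actually gets negotiated rather than trusting the directive: `openssl s_client -connect example.org:443 -groups X25519MLKEM768 </dev/null` (hostname is a placeholder) prints a "Negotiated TLS1.3 group" line in recent OpenSSL 3.x builds, and repeating the command with `-groups X448` should now succeed as well. Which entry wins when a client offers several depends on whether the server is configured to enforce its own preference order, so check the negotiated group from a real browser too.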

Perhaps try Caddy 2.10; it can do ECH and PQC.

Sorry, wrong values: sect571r1 and sect571k1*

We discovered that the SSL Labs SSL Server Test is only based on RSA readings, meaning it's old, and it's broken when using only ECC.

Caddy is nice, but it's an issue unrelated to Caddy, nginx or Apache.