Security considerations for elliptic curve domain parameters selection

We present a summary of currently known security requirements of elliptic curve domain parameters together with a discussion of various methods for generating elliptic curve domain parameters, such as the exhaustive approach, verifiably random algorithms or a method using complex multiplication. We demonstrate a tool we built for fast generation of elliptic curve domain parameters using these methods. We analyze potential elliptic curve cryptography implementation pitfalls, their consequences on security and present a tool for thorough blackbox testing of elliptic curve cryptography implementations on smart cards and in software libraries.