ECDSA (Elliptic Curve Digital Signature Algorithm) (ECDSA)
A digital signature algorithm using elliptic curve cryptography for TLS certificate authentication. Produces smaller, faster signatures than RSA while providing equivalent security strength.
Full Explanation
ECDSA is the digital signature algorithm that is steadily replacing RSA for TLS server authentication. When your browser connects to a CDN edge and verifies the server's identity, two signatures matter: the CA's signature on the server's certificate, and the signature the server itself produces during the handshake (the CertificateVerify message in TLS 1.3, ServerKeyExchange in TLS 1.2) to prove it holds the certificate's private key. The key type in the server's certificate decides which algorithm that handshake signature uses, and it is increasingly ECDSA rather than RSA.
The numbers tell the story. A raw ECDSA P-256 signature is 64 bytes (two 32-byte integers, r and s; about 70-72 bytes once DER-encoded in a certificate or TLS message). An RSA-2048 signature is 256 bytes. An ECDSA P-256 public key is a 64-byte curve point (65 bytes in the uncompressed encoding certificates use). An RSA-2048 public key is a 256-byte modulus plus a small public exponent. A typical certificate chain has 2-3 certificates, each containing a public key and a signature, so an all-ECDSA chain is roughly half the size of an RSA chain, which means less data transmitted during the TLS handshake. The saving only applies to the certificates that are actually ECDSA: a leaf with an ECDSA key issued by an RSA intermediate still carries an RSA signature, and the intermediate still carries an RSA key.
Performance is the other big win, with one correction to a common assumption: RSA verification (a single exponentiation with a small public exponent) is actually faster than ECDSA verification, so clients gain nothing on that side. What matters for CDN edges is signing, which the server does during every full TLS handshake (resumed sessions skip it), and ECDSA P-256 signing is much faster than RSA-2048 signing. Single-core OpenSSL benchmarks on modern hardware show roughly 30,000+ P-256 signatures per second versus about 1,500 for RSA-2048. For a CDN edge handling millions of TLS handshakes daily, this translates directly to lower CPU usage and more connections per server. The speed comes with a requirement: every ECDSA signature needs a fresh, unpredictable nonce k. Reusing a nonce across two signatures, or using a biased one, lets anyone holding both signatures recover the private key, so signing must use a well-seeded CSPRNG or deterministic nonces (RFC 6979), which is what mainstream TLS libraries do.
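To put concrete numbers behind the size comparison above, here is an added example (not code from the original page) that generates throwaway P-256 and RSA-2048 keys with openssl and measures what a certificate actually carries in DER form. It assumes openssl 1.1.1 or later is installed; the hostname, file names and signed message are made up.

```sh
#!/bin/sh
# Added example (not code from the original page): measure the byte counts
# behind the ECDSA-vs-RSA size comparison with freshly generated throwaway
# keys, as they appear on the wire (DER) rather than as raw field sizes.
# Requires openssl 1.1.1 or later in PATH; everything else is constructed here.
set -eu

command -v openssl >/dev/null 2>&1 || { echo "openssl not found" >&2; exit 0; }

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Throwaway P-256 and RSA-2048 keys, each self-signed into a one-cert "chain".
gen_material() {
  openssl ecparam -genkey -name prime256v1 -noout -out "$WORK/ec.key" 2>/dev/null
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$WORK/rsa.key" 2>/dev/null
  for alg in ec rsa; do
    openssl req -x509 -new -key "$WORK/$alg.key" -sha256 -days 1 \
      -subj "/CN=edge.example.test" -out "$WORK/$alg.crt" 2>/dev/null
  done
  # constructed sample input for the signing measurement
  printf 'TLS handshake transcript (constructed)' > "$WORK/msg"
}

bytes() { wc -c | tr -d ' '; }

# SubjectPublicKeyInfo as carried in a certificate: 91 B for P-256, 294 B for RSA-2048
spki_bytes() { openssl pkey -in "$WORK/$1.key" -pubout -outform DER 2>/dev/null | bytes; }
# One signature over msg. ECDSA: DER SEQUENCE{r,s}, 70-72 B (64 B of r||s plus
# ASN.1 framing). RSA-2048: always exactly the 256 B modulus length.
sig_bytes() { openssl dgst -sha256 -sign "$WORK/$1.key" "$WORK/msg" | bytes; }
# Whole self-signed certificate in DER, i.e. what one hop of the chain costs
cert_bytes() { openssl x509 -in "$WORK/$1.crt" -outform DER | bytes; }
# Key algorithm exactly as `openssl x509 -text` reports it
key_algo() {
  openssl x509 -in "$WORK/$1.crt" -noout -text | sed -n 's/.*Public Key Algorithm: //p' | head -n 1
}

report() {
  gen_material
  for alg in ec rsa; do
    printf '%-4s %-16s spki=%s B  signature=%s B  certificate=%s B\n' \
      "$alg" "$(key_algo "$alg")" "$(spki_bytes "$alg")" \
      "$(sig_bytes "$alg")" "$(cert_bytes "$alg")"
  done
}

# Signing/verification throughput on this machine: RSA-2048 verify beats P-256
# verify, P-256 sign beats RSA-2048 sign by more than an order of magnitude.
# Uncomment to run (takes about 4 s):
# openssl speed -seconds 1 ecdsap256 rsa2048

report
```

The raw 64-byte and 256-byte figures are field sizes; DER adds framing, which is why the script reports 70-72 bytes for a P-256 signature and 91 versus 294 bytes for the two public keys. The certificate totals show the per-hop saving an all-ECDSA chain gets.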
Cloudflare was one of the first major CDN providers to push ECDSA certificates. They deploy dual certificates (ECDSA primary, RSA fallback) and serve the ECDSA cert to any client that supports it. The selection is driven by the client: the ClientHello's signature_algorithms extension (and, in TLS 1.2, its cipher suite list) tells the server which signature types it accepts, and the server picks the certificate to match. Today, most modern browsers and TLS libraries support ECDSA, so the fallback rarely triggers.
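The dual-certificate selection described above can be watched end to end on one machine. The following script is an added example (not Cloudflare's or nginx's code, and not part of the original page): openssl s_server plays the edge holding both an RSA and an ECDSA certificate, and openssl s_client plays three clients advertising different signature_algorithms. It assumes OpenSSL 1.1.1 or later, a free local TCP port (14433 unless PORT is set) and throwaway self-signed certificates generated on the spot; the hostname is made up.

```sh
#!/bin/sh
# Added example (not code from the original page, Cloudflare or nginx):
# loopback demonstration of dual-certificate selection. openssl s_server
# stands in for a CDN edge with an RSA certificate (-cert) and an ECDSA
# certificate (-dcert); s_client plays clients with different capabilities.
# The server chooses the certificate from the client's signature_algorithms
# extension. Requires OpenSSL 1.1.1+ (TLS 1.3, "Peer signature type" output)
# and a free local TCP port (assumption: 14433).
set -eu

command -v openssl >/dev/null 2>&1 || { echo "openssl not found" >&2; exit 0; }

WORK=$(mktemp -d)
PORT=${PORT:-14433}
SERVER_PID=
cleanup() {
  if [ -n "$SERVER_PID" ]; then kill "$SERVER_PID" 2>/dev/null || true; fi
  rm -rf "$WORK"
}
trap cleanup EXIT

# Throwaway self-signed certificates, one per key type, same hostname.
make_certs() {
  openssl ecparam -genkey -name prime256v1 -noout -out "$WORK/ec.key" 2>/dev/null
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$WORK/rsa.key" 2>/dev/null
  for alg in ec rsa; do
    openssl req -x509 -new -key "$WORK/$alg.key" -sha256 -days 1 \
      -subj "/CN=edge.example.test" -out "$WORK/$alg.crt" 2>/dev/null
  done
}

# The "edge": RSA in the primary cert slot, ECDSA in the second. s_server keeps
# one certificate per key type and picks per connection, as nginx does.
start_server() {
  if [ -n "$SERVER_PID" ]; then return 0; fi   # already running
  openssl s_server -accept "$PORT" -www \
    -cert "$WORK/rsa.crt" -key "$WORK/rsa.key" \
    -dcert "$WORK/ec.crt" -dkey "$WORK/ec.key" >/dev/null 2>&1 &
  SERVER_PID=$!
  for i in 1 2 3 4 5; do
    if openssl s_client -connect "127.0.0.1:$PORT" </dev/null >/dev/null 2>&1; then
      return 0
    fi
    sleep 1
  done
  echo "s_server did not come up on port $PORT" >&2
  return 1
}

# Pull the signature family the server used in CertificateVerify out of
# s_client's summary: ECDSA, RSA-PSS (TLS 1.3 with an RSA cert) or RSA (TLS 1.2).
peer_sigtype() { sed -n 's/^Peer signature type: //p' | head -n 1; }

# One client handshake. $1 = signature_algorithms to advertise (IANA TLS 1.3
# names); empty means OpenSSL's default list, which prefers ECDSA P-256.
probe() {
  if [ -n "$1" ]; then
    openssl s_client -connect "127.0.0.1:$PORT" -sigalgs "$1" </dev/null 2>/dev/null | peer_sigtype
  else
    openssl s_client -connect "127.0.0.1:$PORT" </dev/null 2>/dev/null | peer_sigtype
  fi
}

demo() {
  make_certs
  start_server
  echo "modern client (default sigalgs): $(probe "")"
  echo "RSA-only client:                 $(probe "rsa_pss_rsae_sha256:rsa_pkcs1_sha256")"
  echo "ECDSA-only client:               $(probe "ecdsa_secp256r1_sha256")"
}

demo
```

Expected output is ECDSA for the default client, RSA-PSS for the RSA-only client (TLS 1.3 signs RSA certificates with PSS) and ECDSA again for the ECDSA-only client. Pointing the same s_client invocations at a production host:port instead of 127.0.0.1 is a quick audit of whether an edge's RSA fallback actually works.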
The common ECDSA curves for TLS certificates are P-256 (128-bit security, most widely used) and P-384 (192-bit security, required by some government standards such as the NSA's CNSA suite). P-521 exists but is rarely used because P-384 already provides more security than needed, and P-521 is slower. Ed25519, while technically a different signature scheme (EdDSA), is gaining ground for SSH and private PKIs but is not usable in publicly trusted certificate chains: the CA/Browser Forum Baseline Requirements permit only RSA and the P-256, P-384 and P-521 curves, and mainstream browsers do not support Ed25519 certificates.
One practical consideration: not every certificate authority or ACME client defaults to ECDSA. Let's Encrypt issues ECDSA certificates, and certbot generates ECDSA keys by default since version 2.0; older certbot releases default to RSA, so pass --key-type ecdsa explicitly if you need to be sure. Some legacy clients (Windows XP-era browsers, some embedded TLS stacks) do not support ECDSA, so if you serve those audiences, keep an RSA fallback ready.
Examples
# Generate an ECDSA P-256 private key
# (prime256v1 is OpenSSL's name for P-256 / secp256r1; -noout drops the
# separate EC PARAMETERS block so the file holds only the key)
openssl ecparam -genkey -name prime256v1 -noout -out ecdsa_key.pem
# Generate a CSR with the ECDSA key. -sha256 is the hash for the CSR's own
# signature; put the hostname in a SAN (-addext needs OpenSSL 1.1.1+), since
# browsers ignore the CN
openssl req -new -key ecdsa_key.pem \
  -out ecdsa.csr -sha256 \
  -subj "/CN=example.com" \
  -addext "subjectAltName=DNS:example.com"
# Request an ECDSA cert from Let's Encrypt (certbot 2.0+ defaults to
# ECDSA P-256 already; the flags make the key type explicit on any version)
certbot certonly --standalone \
  --key-type ecdsa --elliptic-curve secp256r1 \
  -d example.com
# Check whether a site's leaf certificate uses an ECDSA or RSA key
# (</dev/null closes stdin so s_client exits once the handshake is done)
openssl s_client -connect example.com:443 \
  -servername example.com </dev/null 2>/dev/null | \
  openssl x509 -noout -text | grep -E 'Public Key Algorithm|Signature Algorithm'
# Public Key Algorithm: id-ecPublicKey   (versus rsaEncryption for RSA)
# Signature Algorithm: ecdsa-with-SHA384 or sha256WithRSAEncryption: the issuing
#   CA's algorithm; an RSA intermediate signs with RSA even when the leaf key is ECDSA
# Check which certificate a dual-cert server actually negotiated with you
openssl s_client -connect example.com:443 -servername example.com </dev/null 2>/dev/null \
  | grep 'Peer signature type'
# Peer signature type: ECDSA              (RSA-PSS or RSA if the fallback was served)
# Compare key sizes (bit lengths are not directly comparable: a 256-bit EC key
# and a 3072-bit RSA key both give about 128-bit security; RSA-2048 gives about 112)
openssl ec -in ecdsa_key.pem -text -noout 2>/dev/null | head -1
# Private-Key: (256 bit)
openssl rsa -in rsa_key.pem -text -noout 2>/dev/null | head -1
# Private-Key: (2048 bit)
# Nginx (1.11.0+): serve ECDSA cert with RSA fallback. Both pairs are loaded and
# nginx picks the one matching the client's signature_algorithms extension.
# Each ssl_certificate file should hold the leaf followed by its intermediates.
ssl_certificate     /etc/ssl/ecdsa_cert.pem;
ssl_certificate_key /etc/ssl/ecdsa_key.pem;
ssl_certificate     /etc/ssl/rsa_cert.pem;
ssl_certificate_key /etc/ssl/rsa_key.pem;
Related CDN concepts include:
- TLS (Transport Layer Security) (TLS) — The encryption protocol that secures HTTPS connections. TLS encrypts data in transit between client and …
- ACME (Automated Certificate Management) (ACME) — A protocol for automating TLS certificate issuance and renewal. Created by Let's Encrypt and standardized …
- ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) (ECDHE) — A key exchange algorithm used in TLS that provides forward secrecy using elliptic curve cryptography. …