secp224r1
ECDHE | Security: 112 bits (LEGACY) | Code: 21
Group Details
secp224r1210x0015What is secp224r1?
secp224r1 (P-224) is a NIST curve providing 112-bit security, positioned between the deprecated secp192r1 and the widely-used secp256r1. It was designed for applications requiring more security than P-192 but with smaller key sizes than P-256. However, secp224r1 has seen limited adoption in TLS, as most implementations jumped directly from secp192r1 to secp256r1. The 112-bit security level is considered borderline for modern applications, with NIST recommending 128-bit minimum security. secp224r1 offers no practical advantages over secp256r1 and should generally be avoided in new deployments.
Role in JA3 Fingerprinting
The secp224r1 group is used for ECDHE key exchange in TLS, providing perfect forward secrecy. Different browsers and HTTP clients advertise different supported groups, making this a key component of JA3 fingerprints.
Fingerprinting Impact: The order and selection of supported groups reveals browser type, version, and security preferences.