Elliptic Curve Cryptography
Java supports all DHE-RSA related SSL cipher suites, but uses different names than OpenSSL.
The use of ECC in SSL/TLS is described in RFC 4492.
In practice, ECC is often used with Diffie-Hellman to speed up performance. ECC does not replace RSA for authenticating the communication partners, but is used for generating the ephemeral DH session key with the help of an EC private key. RSA is still used for providing authentication. The related SSL cipher suites all have ECDHE-RSA in their names and complement the plain DHE-based cipher suites.
The main advantage of Elliptic Curve Cryptography with Diffie-Hellman (ECDHE-RSA) over plain Diffie-Hellman (DHE-RSA) is better performance and the same level of security with less key bits. A disadvantage is the additional effort for creating and maintaining the EC key.
The next section shows how to set up and use ECDHE-RSA on z/VSE.