lwn.net — Recently the NSA has recommended elliptic curve cryptography (ECC) over the more commonly used RSA public key cryptography in its Suite B recommendations. This article explains why ECC is considered more advantageous than RSA, and discusses possible patent issues and future inclusion of the technology in Apache and Mozilla browsers.
Mar 16, 2006 View in Crawl 4
dwemerMar 16, 2006
The fact that the NSA is telling me to use ECC over RSA makes me more inclined to use RSA.
craigtheguruMar 16, 2006
ECC was used in Mac OS 9's encryption feature. However it didn't make it to Mac OS X and I never learned why. Hopefully it will make it Leopard as, according to this article, it sounds good.
simaoMar 17, 2006
I definitely agree with this
tzahiMar 17, 2006
Yes, i also question their motives. Maybe they found it easier to break than RSA or found holes in it.Till the last year or 2 i thought MD5 and SHA1 are pretty much secure, and of course they are not very.I personally don't care if it would take another 60 millisecond to transfer an 1024 bit sig to make me feel more secure.
thejakesterMar 17, 2006
aaa
vvvvMar 17, 2006
The "NSA Recommendation" mentioned in the article refers to US Government information and that of companies doing business with the US Government. As the NSA website states: "NSA's goal in presenting Suite B is to provide industry with a common set of cryptographic algorithms that they can use to create products that meet the needs of the widest range of US Government (USG) needs."It is not very likely that anyone at the NSA cares what type of encryption private individuals happen to use to keep their moms from finding their porn.
sharphMar 17, 2006
yes...let us all trust the nsa....
nelson69Mar 17, 2006
Yes and no. RSA is a very well studied cryptographic algorithm, but we know way more about elliptical curves mahematically than we do about factoring primes. Assuming that factoring primes is the only way to break RSA (I don't believe that this has been established) then you could make a case that we know much more about ECC.All things being equal, I expect ECC to be pretty secure. There is no example of the NSA intentionally weakening anything, in fact there are well published and understood examples of them actually helping to make chipers more secure (like with DES) Plus ECC is radically faster than RSA and El Gamal.