I suggest you ...

Migrate from RSA to ECC

Elliptic curve cryptography would show performance increases and key-size decreases over RSA.

41 votes
Colin Arnott shared this idea

8 comments

  • Colin Arnott commented

    You are aware that this article is discussing the use of quantum computers. Since these do not exist, this is, for the time being, a moot point. It is also known that most modern crypto is broken with quantum computing.

  • Colin Arnott commented

    While your article is informative, I think you have the wrong takeaway message and it seems like you did not read many parts:

    0) the only NIST standard that is known to be compromised is the Dual Elliptic Curve Deterministic Random Bit Generator; and "Researchers have warned since 2007 that Dual_EC_DRBG has a serious weakness".

    1) "Silent Circle's new decision ... doesn't mean that these standards are insecure"

    2) even Silent Circle is not moving away from ECC: "Silent Circle plans to replace the P-384 elliptic curve with one or more curves that are being designed by cryptographers Daniel Bernstein and Tanja Lange"

    Now, if you read through all the comments to this request, you will notice that I never suggested any NIST curves be used. This is because for me too, "the spell is broken". Of the curves that I proposed [Curve1174, Curve25519, Curve383187, Curve41417], Curve1174, Curve25519, and Curve41417 were designed by the same "Daniel Bernstein and Tanja Lange" that Silent Circle is using. So correct me if I am wrong, but I believe I am suggesting curves from the same subset that Silent Circle is using.

    There are several other considerations that you can use when selecting a good curve, and there are such things as secure or safe elliptic curves. For this, I once again direct anyone to <http://safecurves.cr.yp.to/> for a more in-depth analysis by PhDs.

    Furthermore, ECC is based on a difficult maths problem [discrete logarithm] in the same way that RSA is based on a difficult maths problem [prime number factoring]. While the two problems are likely not of the same difficulty, they are both hard enough that current computational methods cannot solve current implementations. So, it is not as though one was weakened by the NSA. As well, the discrete logarithm problem is used elsewhere in crypto [Diffie-Hellman key exchanges], so there is twice the implementation to find possible flaws.

  • Winston commented

    If not a complete migration, I would at least like the option to use ECC over RSA.

  • Colin Arnott commented

    While any ECC curve can be used, you should really look into cryptographically secure curves. I would advise the following curves based on your key-size preference: [Curve1174, Curve25519, Curve383187, Curve41417]. See the following for more information about why to NOT use NIST and some other curves: <http://safecurves.cr.yp.to/>.
