Tuesday, October 01, 2013
NSA: "Due to the Government Shutdown, this site is not being updated."
Elliptic Curve Cryptography provides greater security and more efficient performance than the first generation public key techniques (RSA and Diffie-Hellman) now in use. As vendors look to upgrade their systems they should seriously consider the elliptic curve alternative for the computational and bandwidth advantages they offer at comparable security.
DH Cost : EC Cost
|Table 2: Relative Computation Costs of Diffie-Hellman and Elliptic Curves|
99% BAD HARDWARE WEEK: EC means Elliptic Curve.
There are plenty of elliptic curves to choose from. A cryptosystem based on a random one is virtually impregnable and hence protects our privacy. But it turns out that there are some elliptic curves that look random but actually allow for easy decryption; that's an example of a backdoor. It's a nontrivial mathematical problem to generate such curves (equipped with some extra data), but it can be done. And according to the reports, the NSA has been pushing the National Institute of Standards and Technology, the body that sets encryption standards in the United States, and various vendors to adopt such special elliptic curves since as early as 2006, knowing full well that they were prone to attacks.