[10318] in cryptography@c2.net mail archive
Re: Cringely Gives KnowNow Some Unbelievable Free Press... (fwd)
daemon@ATHENA.MIT.EDU (Enzo Michelangeli)
Mon Jan 28 21:12:12 2002
Message-ID: <008e01c1a864$d781f9a0$0200000a@noip.com>
Reply-To: "Enzo Michelangeli" <em@em.no-ip.com>
From: "Enzo Michelangeli" <em@who.net>
To: "EKR" <ekr@rtfm.com>,
"Eugene Leitl" <Eugene.Leitl@lrz.uni-muenchen.de>
Cc: "Cryptography List" <cryptography@wasabisystems.com>
Date: Tue, 29 Jan 2002 09:26:09 +0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
----- Original Message -----
From: "Eric Rescorla" <ekr@rtfm.com>
To: "Eugene Leitl" <Eugene.Leitl@lrz.uni-muenchen.de>
Sent: Monday, 28 January, 2002 6:33 AM
[...]
> If you want to see EC used you need to describe a specific algorithm
> which has the following three properties:
>
> (1) widely agreed to be unencumbered, particularly by the big players.
> [extra points if you're willing to indemnify]
> (2) significantly better than RSA (this generally means faster)
> (3) has seen a significant amount of analysis so that we can have
> some reasonable confidence it's secure.
>
> Until someone does that, the cost of information in choosing an
> EC algorithm is simply too high to justify replacing RSA in
> most applications.
Well, a nice characteristic that RSA doesn't have is the ability of using as
secret key a hash of the passphrase, which avoids the need of a secret
keyring and the relative vulnerability to dictionary attacks. See e.g. the
Pegwit application, which, in its version 9
(http://groups.yahoo.com/group/pegwit/) does not, AFAIK, infringe on any EC
patent.
Enzo
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
