[146611] in cryptography@c2.net mail archive
Re: [Cryptography] Opening Discussion: Speculation on "BULLRUN"
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Thu Sep 5 21:36:19 2013
X-Original-To: cryptography@metzdowd.com
Date: Fri, 06 Sep 2013 13:28:10 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

"Perry E. Metzger" <perry@piermont.com> writes:

>I would like to open the floor to *informed speculation* about BULLRUN.

Not informed since I don't work for them, but a connect-the-dots:

1. ECDSA/ECDH (and DLP algorithms in general) are incredibly brittle unless
   you get everything absolutely perfectly right.

2. The NSA has been pushing awfully hard to get everyone to switch to
   ECDSA/ECDH.

Wasn't Suite B promulgated in the 2005-2006 period?

Peter (who chooses RSA over ECC any time, follow a few basic rules and you're
safe with RSA while ECC is vulnerable to all manner of attacks,
including many yet to be discovered).