[147320] in cryptography@c2.net mail archive
Re: [Cryptography] RSA equivalent key length/strength
daemon@ATHENA.MIT.EDU (James A. Donald)
Sun Sep 29 01:00:13 2013
X-Original-To: cryptography@metzdowd.com
Date: Sun, 29 Sep 2013 12:42:32 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <CAMm+LwixRvs=nVQ6=wCC5NHks7nwWBoMrr19jtUZ3piNeZ+szw@mail.gmail.com>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
This is a multi-part message in MIME format.
--===============0120477870075127801==
Content-Type: multipart/alternative;
boundary="------------000105020305050601000307"
This is a multi-part message in MIME format.
--------------000105020305050601000307
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
On 2013-09-28 01:23, Phillip Hallam-Baker wrote:
>
> Most cryptolibraries have a hard coded limit at 4096 bits and there
> are diminishing returns to going above 2048. Going from 4096 to 8192
> bits only increases the work factor by a very small amount and they
> are really slow which means we end up with DoS considerations.
>
> We really need to move to EC above RSA. Only it is going to be a
> little while before we work out which parts have been contaminated by
> NSA interference and which parts are safe from patent litigation. RIM
> looks set to collapse with or without the private equity move. The
> company will be bought with borrowed money and the buyers will use the
> remaining cash to pay themselves a dividend. Mitt Romney showed us how
> that works.
>
> We might possibly get lucky and the patents get bought out by a white
> knight. But all the mobile platform providers are in patent disputes
> right now and I can't see it likely someone will plonk down $200
> million for a bunch of patents and then make the crown jewels open.
>
>
> Problem with the NSA is that its Jekyll and Hyde. There is the good
> side trying to improve security and the dark side trying to break it.
> Which side did the push for EC come from?
In fact we do know this.
NSA NIST claimed that their EC curves are provably random (therefore not
backdoored)
In fact, they are provably non random, selected on an unrevealed basis,
which contradiction is, under the circumstances, compelling evidence
that the NIST curves are in fact backdoored.
--------------000105020305050601000307
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 2013-09-28 01:23, Phillip
Hallam-Baker wrote:<br>
</div>
<blockquote
cite="mid:CAMm+LwixRvs=nVQ6=wCC5NHks7nwWBoMrr19jtUZ3piNeZ+szw@mail.gmail.com"
type="cite">
<meta http-equiv="Context-Type" content="text/html;
charset=ISO-8859-1">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote"><br>
<div>Most cryptolibraries have a hard coded limit at 4096
bits and there are diminishing returns to going above
2048. Going from 4096 to 8192 bits only increases the work
factor by a very small amount and they are really slow
which means we end up with DoS considerations.</div>
<div><br>
</div>
<div>We really need to move to EC above RSA. Only it is
going to be a little while before we work out which parts
have been contaminated by NSA interference and which parts
are safe from patent litigation. RIM looks set to collapse
with or without the private equity move. The company will
be bought with borrowed money and the buyers will use the
remaining cash to pay themselves a dividend. Mitt Romney
showed us how that works.</div>
<div><br>
</div>
<div>We might possibly get lucky and the patents get bought
out by a white knight. But all the mobile platform
providers are in patent disputes right now and I can't see
it likely someone will plonk down $200 million for a bunch
of patents and then make the crown jewels open.</div>
<div><br>
</div>
<div><br>
</div>
<div>Problem with the NSA is that its Jekyll and Hyde. There
is the good side trying to improve security and the dark
side trying to break it. Which side did the push for EC
come from?</div>
</div>
</div>
</div>
</blockquote>
<br>
In fact we do know this.<br>
<br>
NSA NIST claimed that their EC curves are provably random (therefore
not backdoored)<br>
<br>
In fact, they are provably non random, selected on an unrevealed
basis, which contradiction is, under the circumstances, compelling
evidence that the NIST curves are in fact backdoored.<br>
<br>
<br>
</body>
</html>
--------------000105020305050601000307--
--===============0120477870075127801==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============0120477870075127801==--