[147328] in cryptography@c2.net mail archive
Re: [Cryptography] RSA equivalent key length/strength
daemon@ATHENA.MIT.EDU (James A. Donald)
Mon Sep 30 00:10:05 2013
X-Original-To: cryptography@metzdowd.com
Date: Mon, 30 Sep 2013 10:07:14 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: Perrys crypto list <cryptography@metzdowd.com>
In-Reply-To: <5248BDB8.8010903@echeque.com>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
Gregory Maxwell on the Tor-talk list has found that NIST approved
curves, which is to say NSA approved curves, were not generated by the
claimed procedure, which is a very strong indication that if you use
NIST curves in your cryptography, NSA can read your encrypted data.
As computing power increases, NSA resistant RSA key have become
inconveniently large, so have to move to EC keys.
NIST approved curves are unlikely to be NSA resistant.
Therefore, everyone should use Curve25519, which we have every reason to
believe is unbreakable.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography