[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] Elliptic Curve Crypto and the NSA



Hi,

> I’ve been reading a paper that talks about why the NSA told everyone to
> move to quantum resistant crypto.

Are you talking about the paper "A Riddle Wrapped in an Enigma"? 
http://eprint.iacr.org/2015/1018.pdf

> One of the ideas in the paper was that they may have broken elliptic
> curves.

I have another opinion. I didn't read something like "they may have broken
elliptic curves". The NSA  crypto experts expected that elliptic curves
(ECC) and RSA will be broken by a quantum computer in the future, in the
more or less near future. But until this will happen, RSA and ECC offer
equal security.

NSA recommendation for Suite B ciphers is NOT: "moving away from ECC now",

It means: "if you are  still using RSA, don't  spend money to move to ECC,
wait for PQC". (PQC: post quantum crypto)

A short comment by Matthew Green to step in without mathematics you may
find here:
http://blog.cryptographyengineering.com/2015/10/a-riddle-wrapped-in-curve.html

Karsten N.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk