On 2013-09-28 01:23, Phillip Hallam-Baker wrote:
Most cryptolibraries have a hard coded limit at 4096 bits and there
are diminishing returns to going above 2048. Going from 4096 to 8192
bits only increases the work factor by a very small amount and they
are really slow which means we end up with DoS considerations.
We really need to move to EC above RSA. Only it is going to be a
little while before we work out which parts have been contaminated by
NSA interference and which parts are safe from patent litigation. RIM
looks set to collapse with or without the private equity move. The
company will be bought with borrowed money and the buyers will use the
remaining cash to pay themselves a dividend. Mitt Romney showed us how
that works.
We might possibly get lucky and the patents get bought out by a white
knight. But all the mobile platform providers are in patent disputes
right now and I can't see it likely someone will plonk down $200
million for a bunch of patents and then make the crown jewels open.
Problem with the NSA is that its Jekyll and Hyde. There is the good
side trying to improve security and the dark side trying to break it.
Which side did the push for EC come from?
In fact we do know this.
NSA NIST claimed that their EC curves are provably random (therefore not
backdoored)
In fact, they are provably non random, selected on an unrevealed basis,
which contradiction is, under the circumstances, compelling evidence
that the NIST curves are in fact backdoored.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
