On Apr 17, 2014, at 23:17, walt <w41...@gmail.com> wrote:

> On 04/17/2014 11:43 AM, Matti Nykyri wrote:
>> I don't know much about the secp521r1 curve or about its security.
>> You can list all available curves by:
>> 
>> openssl ecparam -list_curves
> 
> I don't either, but I hope this guy does :)
> 
> http://www.math.columbia.edu/~woit/wordpress/?p=6243

Good article :) The overall picture I had about EC is more or less the same as 
described in the article. But you always have to make a threat analysis and it 
depends on the private data you are protecting. By definition any private data 
will be disclosed given enough time and resources.

So if your adversary is NSA... Well, protecting the communication of a regular 
internet user and your production server with SSL and x509 certificates will 
just not secure the content. I'm 100% certain that NSA has access to at least 
one CA root certificate's private keys. With those they can do a 
man-in-the-middle attack that the regular user will most likely never spot.

In my own security model I'm protected from NSA by the fact that it will 
disappear in the flow of all other traffic because NSA is not stealing credit 
card numbers :) ECDSA with ECDHE is fast and secure according to public sources.

The problem is totally different if you are protecting the secrets of your 
company that are within the interest of NSA. I'm lucky I don't have to try that.

-- 
-Matti
