To All- Recent announcements from NSA point to them moving to Elliptical Curve Cryptography for public key encryption.
------------------- MISSISSAUGA, ON, March 2 /PRNewswire-FirstCall/ -- Elliptic Curve Cryptography (ECC), a strong, efficient public key cryptosystem, will soon become the standard to protect U.S. government communications. On February 16, 2005 at the RSA conference, the National Security Agency (NSA) presented its strategy and recommendations for securing U.S. government sensitive and unclassified communications. The strategy included a recommended set of advanced cryptography algorithms known as Suite B for securing sensitive and unclassified data. The only public key protocols included in Suite B are Elliptic Curve Menezes-Qu-Vanstone (ECMQV) and Elliptic Curve Diffie-Hellman (ECDH) for key agreement and Elliptic Curve Digital Signature Algorithm (ECDSA) for authentication. The Advanced Encryption Standard (AES) for data encryption and SHA for hashing are also included. All of the Suite B algorithms are consistent with the National Institute of Standards and Technology (NIST) publications. .................. http://www.infoworld.com/Unisys_ES7000_Aries_420_Server/product_52737.html?view=8&curNodeId=0&prId=TO22202032005-1 ---------------------- In doing a little searching I saw that Sun made announcements boasting it donated code to OpenSSL for ECC implementation. http://research.sun.com/projects/crypto/FrequenlyAskedQuestions.html But I can find no other information about ECC in OpenSSL. Is this form of public key encryption available with OpenSSL? Is it under consideration with the move to these algorithms by the US Govt? As an additional question, will OpenSSL soon include larger SHA hash functions (SHA 256, SHA 512) now that SHA-1 has been shown to be weak? Many thanks! Yours- Ridge Cook ---PGP Keys--- Signing 0x4AF823E3 Encrypting 0x43537711 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
