From: Douglas E. E. <dee...@an...> - 2013-09-20 12:40:58
On 9/20/2013 2:45 AM, Jean-Michel Pouré - GOOZE wrote:
> On Thursday, 19 September 2013 at 15:31 -0500, Douglas E. Engert wrote:
>> Modifications to engine_pkcs11 and libp11 to support ECDSA
>> are available at github for testing, and I am looking for
>> comments.
>
> This is nice to have them on board.
>
> My only comment is that, according to rumors, Elliptic curves are
> reported broken by NSA crypto-analysts. The reason is that Elliptic
> curves offer more space for mathematics and are quite new, offering
> space for discoveries in factorization.

I have not heard those rumors. I have heard there are some curves that
should not be used.

On the contrary, there is more discussion about breaking RSA in the next
few years, and the industry better be in a position to have a replacement
implemented, i.e. ECDSA and ECDH.

ECC is not that new; it has been around for years. Its implementations are
new. RSA is in wide use, so interest in implementing EC has been low.

EC has an infinite number of curves, which complicates implementation
and security. The industry appears to be settling on a small set of named
curves that can be trusted. This also makes it easier to implement.

Maybe a little outdated, but from 2009:
http://www.nsa.gov/business/programs/elliptic_curve.shtml

Implementation of EC is falling into place. The mods are a part of that,
implementing ECDSA in the engine, to support smart cards such as the PIV
card with ECDSA and ECDH.

I would rather have two crypto algorithms implemented, just in case.

> Kind regards,

--
Douglas E. Engert <DEE...@an...>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444