mersenneforum.org  

Go Back   mersenneforum.org > Math Stuff > Tales From the Crypt(o)

Reply
 
Thread Tools
Old 2015-11-06, 13:24   #1
R.D. Silverman
 
R.D. Silverman's Avatar
 
Nov 2003

1D2416 Posts
Default OMG, NSA Killed ECC! (You bastards!)

May I suggest that a crypto sub-forum might be added?

We need a forum where we can discuss such things as the recent NSA
murder of Elliptic Curve based cryptography.

For those who have not yet heard, the NSA has deprecated the use of
Ellliptic Curve Crypto.
R.D. Silverman is offline   Reply With Quote
Old 2015-11-06, 13:57   #2
LaurV
Romulan Interpreter
 
LaurV's Avatar
 
Jun 2011
Thailand

977610 Posts
Default

They can't decrypt it, or what?


(agree with the need of new subforum)
LaurV is offline   Reply With Quote
Old 2015-11-06, 14:33   #3
R.D. Silverman
 
R.D. Silverman's Avatar
 
Nov 2003

22·5·373 Posts
Default

Quote:
Originally Posted by LaurV View Post
They can't decrypt it, or what?


()
This statement shows gross ignorance of the NSA.
R.D. Silverman is offline   Reply With Quote
Old 2015-11-06, 18:29   #4
Dubslow
Basketry That Evening!
 
Dubslow's Avatar
 
"Bunslow the Bold"
Jun 2011
40<A<43 -89<O<-88

3×29×83 Posts
Default

Quote:
Originally Posted by R.D. Silverman View Post
May I suggest that a crypto sub-forum might be added?

We need a forum where we can discuss such things as the recent NSA
murder of Elliptic Curve based cryptography.

For those who have not yet heard, the NSA has deprecated the use of
Ellliptic Curve Crypto.
I have not heard. Can you please provide any number of links?

Edit: Murder is an overly strong term. I had thought you meant ECC was broken and dead. Instead, what merely seems to be the case is that the NSA is only noting that ECC is not quantum-proof.

Apparently they still "recommend" the use of Diffie-Hellman key exchange, although that is nowadays approximately as broken as RSA-1024...
Dubslow is offline   Reply With Quote
Old 2015-11-06, 18:57   #5
xilman
Bamboozled!
 
xilman's Avatar
 
"𒉺𒌌𒇷𒆷𒀭"
May 2003
Down not across

1095010 Posts
Default

Quote:
Originally Posted by Dubslow View Post
I have not heard. Can you please provide any number of links?

Edit: Murder is an overly strong term. I had thought you meant ECC was broken and dead. Instead, what merely seems to be the case is that the NSA is only noting that ECC is not quantum-proof.

Apparently they still "recommend" the use of Diffie-Hellman key exchange, although that is nowadays approximately as broken as RSA-1024...
Note that DH key exchange can be implemented in any group for which the discrete logarithm problem is (believed to be) hard, which includes the group of points on many ellliptic curves over many base fields.

Last fiddled with by xilman on 2015-11-08 at 12:00 Reason: s/digital/discrete
xilman is offline   Reply With Quote
Old 2015-11-08, 09:23   #6
Nick
 
Nick's Avatar
 
Dec 2012
The Netherlands

6D016 Posts
Default

Quote:
Originally Posted by Dubslow View Post
I have not heard. Can you please provide any number of links?
For example, the following article: https://eprint.iacr.org/2015/1018.pdf
But be aware of its caveat:
Quote:
The purpose of this article is to attempt an evaluation of the various theories, speculations, and interpretations that have been proposed for this sudden change of course by the NSA. We emphasize that this is not an academic paper, and so on occasion we shall give unsourced facts and opinions in circumstances where our sources wish to remain anonymous.
Nick is offline   Reply With Quote
Old 2015-11-08, 10:26   #7
LaurV
Romulan Interpreter
 
LaurV's Avatar
 
Jun 2011
Thailand

977610 Posts
Default

Quote:
Originally Posted by R.D. Silverman View Post
This statement shows gross ignorance of the NSA.
That is not what Fred Cohen said. Remember? "We never approve [for export] something we can not decrypt".
(anyhow, that was a joke, but as usual your detector was off)
LaurV is offline   Reply With Quote
Old 2015-11-08, 21:53   #8
Dubslow
Basketry That Evening!
 
Dubslow's Avatar
 
"Bunslow the Bold"
Jun 2011
40<A<43 -89<O<-88

11100001101012 Posts
Default

Quote:
Originally Posted by Nick View Post
For example, the following article: https://eprint.iacr.org/2015/1018.pdf
But be aware of its caveat:
Thank you, that's exactly the sort of discussion I was looking for.
Dubslow is offline   Reply With Quote
Old 2015-11-08, 22:22   #9
R.D. Silverman
 
R.D. Silverman's Avatar
 
Nov 2003

22·5·373 Posts
Default

Quote:
Originally Posted by Dubslow View Post
I have not heard. Can you please provide any number of links?

..
Go to nsa.gov and access the Crypto Suite B web page (under their 'programs' sub-tree)
R.D. Silverman is offline   Reply With Quote
Old 2015-11-08, 22:24   #10
R.D. Silverman
 
R.D. Silverman's Avatar
 
Nov 2003

22×5×373 Posts
Default

Quote:
Originally Posted by Dubslow View Post

Apparently they still "recommend" the use of Diffie-Hellman key exchange, although that is nowadays approximately as broken as RSA-1024...
No. Both use NFS in almost the same way. The only difference is that for DH over
finite fields, the LA is done modulo the order of the field, rather than mod 2.
Note that BL and BW both still work with some modifications.
R.D. Silverman is offline   Reply With Quote
Old 2015-11-08, 22:26   #11
R.D. Silverman
 
R.D. Silverman's Avatar
 
Nov 2003

22×5×373 Posts
Default

Quote:
Originally Posted by R.D. Silverman View Post
No. Both use NFS in almost the same way. The only difference is that for DH over
finite fields, the LA is done modulo the order of the field, rather than mod 2.
Note that BL and BW both still work with some modifications.
Note that DH and RSA are still allowed. With 3K-bit keys.........
R.D. Silverman is offline   Reply With Quote
Reply

Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
GMP-ECM Messages Killed/Aborted/cannot allocate memory EdH GMP-ECM 13 2016-11-11 04:15
19 Arizona firefighters killed in wildland blaze ewmayer Lounge 49 2013-10-12 03:59
bin Laden killed in groundstrike ixfd64 Soap Box 33 2011-05-12 02:00
Iran Exonerates Six Who Killed in Islam’s Name ewmayer Soap Box 6 2007-04-30 01:39

All times are UTC. The time now is 03:53.


Wed Oct 20 03:53:23 UTC 2021 up 88 days, 22:22, 0 users, load averages: 1.97, 1.92, 1.89

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.

This forum has received and complied with 0 (zero) government requests for information.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
A copy of the license is included in the FAQ.