Re: [Cfrg] General question about ECC encryption

N6 Ghost <n6ghost@gmail.com> Sun, 01 April 2018 04:42 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/JWYx-CeQF612ndWvLK-YVP22REo>

Good stuff below. Sort of reminds me of OpenBSD: they pump their random generators through a second pass, amongst other things. So for modern crypto standards, more or less, 2 different algorithms seem to be the best, as any weakness in one is offset by the other. Likewise with random generators?



> On Mar 31, 2018, at 6:56 AM, Dan Brown <danibrown@blackberry.com> wrote:
> 
> Many things are possible, see https://ia.cr/2015/1018
> by Koblitz and Menezes, where they examine some speculations about secret attacks on ECC, RSA, etc.
> 
> There was considerable discussion in CFRG, and elsewhere, on _which_ ECC is best, but that does not seem to be your question.
> 
> Personal views: based on published info: ECC was in 1985, last attacks on ECDLP in prime fields were from 1999, and affected very special curves, ECC standard since around 2000, ECC now deployed very widely. Of course, one must also be careful how one uses ECC, because there are many pitfalls.
> 
> It's okay to worry about ECC, but the solution is to use ECC + 2nd algorithm. Refusing ECC passes the buck to another algorithm, e.g. RSA, which might also have a secret attack, and has some published deficiencies.
> 
> 
>  Original Message
> From: N6 Ghost
> Sent: Friday, March 30, 2018 1:31 AM
> To: cfrg@irtf.org
> Subject: [Cfrg] General question about ECC encryption
> 
> 
> Hi all,
> 
> I recently got into a “talk” with one of the security engineers at work. He was trying to tell me how he refuses to use ECC encryption because it has weaknesses in its basic functionality. Something about curves being able to be predicted, and the NSA and other “big brother” orgs have tools
> that break ECC because of these weaknesses….
> 
> What's the real skinny?
> 
> N6Ghost
> 
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg