IETF Logo Mail Archive

Re: ECC in OpenPGP

Hironobu SUZUKI <hironobu@h2np.net> Tue, 31 August 2010 02:43 UTC

Received: from hoffman.proper.com (localhost [127.0.0.1]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id o7V2hlrq023235 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 30 Aug 2010 19:43:48 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by hoffman.proper.com (8.14.4/8.13.5/Submit) id o7V2hlq2023234; Mon, 30 Aug 2010 19:43:47 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: hoffman.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from mail.h2np.net (sea.h2np.net [220.110.1.194]) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id o7V2hjND023229 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO) for <ietf-openpgp@imc.org>; Mon, 30 Aug 2010 19:43:47 -0700 (MST) (envelope-from hironobu@mail.h2np.net)
Received: from lax.h2np.net ([220.110.1.195] helo=mail.h2np.net) by mail.h2np.net with esmtp (Exim 4.69) (envelope-from <hironobu@mail.h2np.net>) id 1OqGp5-0007ts-OC; Tue, 31 Aug 2010 11:43:43 +0900
From: Hironobu SUZUKI <hironobu@h2np.net>
To: Jon Callas <jon@callas.org>
cc: OpenPGP Working Group <ietf-openpgp@imc.org>
Subject: Re: ECC in OpenPGP
In-reply-to: <B095E184-5B6A-4339-9AD7-86568C0E43CC@callas.org>
References: <1282856536.11340.29.camel@fermat.scientia.net> <87pqx4mm0b.fsf@vigenere.g10code.de> <04ac7894a29b891da7cbde98adb287e5@imap.dd24.net> <83BF96BC-A771-4511-B431-9B9B1545E351@callas.org> <49ee22eb2e5747f077b3bc885f197083@imap.dd24.net> <87y6boj5e0.fsf@vigenere.g10code.de> <4C7C4939.8050009@iang.org> <B095E184-5B6A-4339-9AD7-86568C0E43CC@callas.org>
Comments: In-reply-to Jon Callas <jon@callas.org> message dated "Mon, 30 Aug 2010 17:44:53 -0700."
X-Mailer: MH-E 8.0.3; nmh 1.3; GNU Emacs 22.2.1
Date: Tue, 31 Aug 2010 11:43:43 +0900
Message-ID: <17360.1283222623@mail.h2np.net>
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>

Jon Callas <jon@callas.org> wrote:
> 
> If you're happy with 128-bit security, then you don't need ECC. RSA is
> just fine. If you want 256-bit security, then you have a quandary. You
> either need to go beyond 4096-bit RSA keys, or go to ECC. It's that
> simple.

I agree.

I wrote some program for Ruby OpenSSL Sample.

openssl-0.9.8h + ruby-1.9.0-4
http://h2np.net/tips/wiki/index.php?RubyOpenSSLDigitalSignatureSample

  Symmetric     ECC     RSA/DSA
1       80      160     1024
2       112     224     2048
3       128     256     3072
4       192     384     8192
5       256     521     15360


Sign+Verify time (sec)

        ECDSA        DSA        RSA-SIGN
1       2.555977     0.929024   1.076000
2       2.926534     2.645445   5.111679
3       3.592816     5.505652   14.402504
4       7.161274     30.169381  191.516328
5       9.017966        -       -
        (sec)

RSA/2K-key isn't so slow, it's OK.  RSA/3K-key is slow but acceptable.

Regards,

---
Hironobu SUZUKI <hironobu at h2np dot net>
FSIJ / WCLSCAN / OpenPKSD
Tokyo, Japan.

v2.23.0 | Report a Bug | By Email