Cringely Gives KnowNow Some Unbelievable Free Press... (fwd)
Enzo Michelangeli
em at who.net
Mon Jan 28 20:26:09 EST 2002
----- Original Message -----
From: "Eric Rescorla" <ekr at rtfm.com>
To: "Eugene Leitl" <Eugene.Leitl at lrz.uni-muenchen.de>
Sent: Monday, 28 January, 2002 6:33 AM
[...]
> If you want to see EC used you need to describe a specific algorithm
> which has the following three properties:
>
> (1) widely agreed to be unencumbered, particularly by the big players.
> [extra points if you're willing to indemnify]
> (2) significantly better than RSA (this generally means faster)
> (3) has seen a significant amount of analysis so that we can have
> some reasonable confidence it's secure.
>
> Until someone does that, the cost of information in choosing an
> EC algorithm is simply too high to justify replacing RSA in
> most applications.
Well, a nice characteristic that RSA doesn't have is the ability of using as
secret key a hash of the passphrase, which avoids the need of a secret
keyring and the relative vulnerability to dictionary attacks. See e.g. the
Pegwit application, which, in its version 9
(http://groups.yahoo.com/group/pegwit/) does not, AFAIK, infringe on any EC
patent.
Enzo
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list