[Cryptography] RSA equivalent key length/strength

James A. Donald jamesd at echeque.com
Sun Sep 29 20:07:14 EDT 2013

Gregory Maxwell on the Tor-talk list has found that NIST approved 
curves, which is to say NSA approved curves, were not generated by the 
claimed procedure, which is a very strong indication that if you use 
NIST curves in your cryptography, NSA can read your encrypted data.

As computing power increases, NSA resistant RSA key have become 
inconveniently large, so have to move to EC keys.

NIST approved curves are unlikely to be NSA resistant.

Therefore, everyone should use Curve25519, which we have every reason to 
believe is unbreakable.

More information about the cryptography mailing list