[Cryptography] IETF discussion on new ECC curves.
Viktor Dukhovni
cryptography at dukhovni.org
Fri Aug 8 21:31:33 EDT 2014
On Fri, Aug 08, 2014 at 01:53:08PM -0400, Richard Outerbridge wrote:
> The more the merrier, if there were also an agreed upon way to tell
> bad randomly generated curves from good ones.
Given that there is and likely cannot be such a mechanism, and that
random curves have noticeably bad performance. And may take
considerable time to generate, this approach seems unlikely.
We already a few more good new curves than we may need, plus all
the old ones whose reputation is now in doubt, but are needed for
interoperability.
--
Viktor.
More information about the cryptography
mailing list