[Cryptography] [cryptography] NIST Workshop on Elliptic Curve Cryptography Standards
Thierry Moreau
thierry.moreau at connotech.com
Mon May 11 22:14:46 EDT 2015
On 05/12/15 00:16, ianG wrote:
> On 11/05/2015 17:56 pm, Thierry Moreau wrote:
>> On 05/09/15 11:18, ianG wrote:
>>> Workshop on Elliptic Curve Cryptography Standards
>>> June 11-12, 2015
>>>
>>
>> I doubt the foremost questions will be addressed:
>>
>> To which extent NSA influence motivates NIST in advancing the ECC
>> standards?
>
>
> John Kelsey, chief of something or other at NIST, gave a pretty
> comprehensive talk on the NSA issue for NIST at Real World Crypto in
> Janaury [0]. My take-away is that they are taking it seriously.
Thanks for the reminder. I did read one report by NIST on this subject
and it was already surprising how self-critical NIST was. The above talk
goes in the same encouraging direction.
>
> From memory, there wasn't anything directly spotted for the ECC stuff,
> but there has been this rising tide of demand for new curves ... so
> maybe now is the time.
>
>
>> Can independent academia members present hypothetical mathematical
>> advances (even breakthroughs) that NSA could have made, or could
>> speculatively expect to make, in order for the NSA to provide the US a
>> cryptanalysis advance over the rest of the world (central to NSA
>> mission).
>
>
> If you're saying, can the academics stumble across something that the
> NSA had beforehand, well, of course. But I'm not sure that's what you
> mean.
Let me try to re-phrase what I meant.
I do not want to push any plot theory without a deep understanding of
the ECC fundamentals. But recalling that NSA had prior knowledge of
differential cryptanalysis (versus academia) and prior knowledge of RSA
and D-H, is there any specific research directions in the ECC field in
which the NSA could have advance knowledge that would induce them to
push ECC deployment over factoring-based RSA?
>
> [0]
> http://www.realworldcrypto.com/rwc2015/program-2/RWC-2015-Kelsey-final.pdf?attredirects=0
>
- Thierry
More information about the cryptography
mailing list