[Cryptography] composing EC & RSA encryption?

[Peter Gutmann]

ianG <iang at iang.org> writes:

>Before, we seemed comfortable with the trend to ECC as the future.  Now, it's
>not clear.

Well, only of you're a dedicated NSA entrails-reader.  If you look at the
NSA's recent decision about Suite B, there are two things there, the move off
Suite B and the attempt to find a replacement.  The move off Suite B is no
surprise, the NSA are simply admitting that after a decade of fruitless
attempts to get anyone interested in it (outside of organisations with a
government gun pointed at their heads, who had no choice), no-one wanted it.
They were in the same position they were in before Suite B in terms of people
not being able to take advantage of COTS products, it still didn't solve the
Type-1-algorithm product problem.  So this is just admitting defeat after a
decade of not making any progress, not some admission of hitherto-unknown
security holes in Suite B.

The second issue is what to replace Suite B with.  They could have said "AES,
'25519, and SHA2, and we're done".  Instead, they're pushing yet another white
elephant to follow on from their previous herd.  After all this time they
still don't understand how COTS actually works.

Peter.