| 1 |
On Apr 17, 2014, at 23:17, walt <w41ter@×××××.com> wrote: |
| 2 |
|
| 3 |
> On 04/17/2014 11:43 AM, Matti Nykyri wrote: |
| 4 |
>> I don't know much about the secp521r1 curve or about its security. |
| 5 |
>> You can list all available curves by: |
| 6 |
>> |
| 7 |
>> openssl ecparam -list_curves |
| 8 |
> |
| 9 |
> I don't either, but I hope this guy does :) |
| 10 |
> |
| 11 |
> http://www.math.columbia.edu/~woit/wordpress/?p=6243 |
| 12 |
|
| 13 |
Good article :) The overall picture I had about EC is more or less the same as described in the article. But you always have to make a threat analysis and it depends on the private data you are protecting. By definition any private data will be disclosed given enough time and resources. |
| 14 |
|
| 15 |
So if your adversary is NSA... Well protecting the communication of regular internet user and your production server with SSL and x509 certificates will just not secure the content. I'm 100% certain that NSA has access to at least one CA root certificates private keys. With those they can do a man-in-the-middle attack that the regular user will most likely never spot. |
| 16 |
|
| 17 |
I my own security model I'm protected from NSA by the fact that it will disappear in the flow of all other traffic because NSA is not stealing credit card numbers :) ECDSA with ECDHE is fast and secure according to public sources. |
| 18 |
|
| 19 |
The problem is totally different if you are protecting the secrets of your company that are within the interest of NSA. I'm lucky I don't have to try that. |
| 20 |
|
| 21 |
-- |
| 22 |
-Matti |
Archives