1 |
On Apr 17, 2014, at 23:17, walt <w41ter@×××××.com> wrote: |
2 |
|
3 |
> On 04/17/2014 11:43 AM, Matti Nykyri wrote: |
4 |
>> I don't know much about the secp521r1 curve or about its security. |
5 |
>> You can list all available curves by: |
6 |
>> |
7 |
>> openssl ecparam -list_curves |
8 |
> |
9 |
> I don't either, but I hope this guy does :) |
10 |
> |
11 |
> http://www.math.columbia.edu/~woit/wordpress/?p=6243 |
12 |
|
13 |
Good article :) The overall picture I had about EC is more or less the same as described in the article. But you always have to make a threat analysis and it depends on the private data you are protecting. By definition any private data will be disclosed given enough time and resources. |
14 |
|
15 |
So if your adversary is NSA... Well protecting the communication of regular internet user and your production server with SSL and x509 certificates will just not secure the content. I'm 100% certain that NSA has access to at least one CA root certificates private keys. With those they can do a man-in-the-middle attack that the regular user will most likely never spot. |
16 |
|
17 |
I my own security model I'm protected from NSA by the fact that it will disappear in the flow of all other traffic because NSA is not stealing credit card numbers :) ECDSA with ECDHE is fast and secure according to public sources. |
18 |
|
19 |
The problem is totally different if you are protecting the secrets of your company that are within the interest of NSA. I'm lucky I don't have to try that. |
20 |
|
21 |
-- |
22 |
-Matti |