[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Elliptic Curve Crypto and the NSA


> Iâve been reading a paper that talks about why the NSA told everyone to
> move to quantum resistant crypto.

Are you talking about the paper "A Riddle Wrapped in an Enigma"? 

> One of the ideas in the paper was that they may have broken elliptic
> curves.

I have another opinion. I didn't read something like "they may have broken
elliptic curves". The NSA  crypto experts expected that elliptic curves
(ECC) and RSA will be broken by a quantum computer in the future, in the
more or less near future. But until this will happen, RSA and ECC offer
equal security.

NSA recommendation for Suite B ciphers is NOT: "moving away from ECC now",

It means: "if you are  still using RSA, don't  spend money to move to ECC,
wait for PQC". (PQC: post quantum crypto)

A short comment by Matthew Green to step in without mathematics you may
find here:

Karsten N.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to