[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] How bad is not having 'enable-ec_nistp_64_gcc_128' really? (OpenBSD)



On 22 June 2015 at 14:55, l.m <ter.one.leeboi@xxxxxxxx> wrote:
> Hi,
>
> Last I heard NIST groups are rubbish. You're better off without them for
> security. Am I wrong?

With regards to security, no one[0] who generates curves or implements
ECC (as evidenced by the recent CFRG discussions or ECC Conference)
seriously believes the NIST curves are backdoored.

They do believe the NIST cruves lack security properties other curves
have, are less performant than other curves, and have a sufficiently
ambiguous origin to not be desirable. But the last one, the distrust
of the curves, and desire for new ones (meaning desire based solely on
that point) comes more from national agencies who want to mandate
national curves - the Chinese and Russians being good examples.

-tom

[0] +/- a tiny epsilon I'm sure
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev