this post was submitted on 14 Aug 2024
5 points (100.0% liked)

Cryptography

435 readers
1 users here now

cryptography (noun). The discipline concerned with communication security (eg, confidentiality of messages, integrity of messages, sender authentication, non-repudiation of messages, and many other related issues), regardless of the used medium such as pencil and paper or computers.

This community is for links about and discussion of cryptography specifically. For privacy technology more generally, use !privacy.

This community is explicitly not about cryptocurrency; see !crypto for that.

founded 3 years ago
MODERATORS
[email protected]
[email protected]
5
Bernstein and Lange -- Safe curves for Elliptic Curve Cryptography [pdf] (eprint.iacr.org)
submitted 1 month ago by [email protected] to c/[email protected]
3 comments fedilink hide all child comments
 

This is a technical but quite informative article, nominally about which elliptic curves have good security properties, but also discusses the intentions behind using EC instead of older systems like RSA (basically, EC is safer against some known classes of attacks).

Posting partly because EC vs RSA came up here a few days ago.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 1 month ago* (last edited 1 month ago) (2 children)

Thanks for sharing !! Very difficult to read through and way to much math overhead for my non-educated brain... However, I like reading those kind of statements:

Similarly, regarding the NIST curves, NIST wrote the following in 2019 [183]: NIST is not aware of any vulnerabilities to attacks on these curves when they are implemented correctly and used as described in NIST standards and guidelines. Regarding better curves, [183] wrote that “their designers claim that they offer better performance and are easier to implement in a secure manner”; [183] did not cite any of the literature demonstrating the performance benefits and ease of secure implementation of these curves, and did not mention the likelihood and consequences of insecure implementation of the NIST curves.

NSA: "Trust me bro"

[–] [email protected] 1 points 1 month ago

See also Section 7.3 and Appendix C (and the BADA55 Crypto paper that the email in Appendix C refers to).

[–] [email protected] 1 points 1 month ago

Bitcoin uses NIST P256 iirc, so you can possibly turn implementation mistakes into cash. :)