Crypto Code

Tagged: standard Toggle Comment Threads | Keyboard Shortcuts

• 

  CG 8:11 am on August 27, 2010 Permalink | Reply
  Tags: elliptic curves ( 2 ), standard   

  Standardized Elliptic Curves 

  1. NIST. FIPS PUB 186-2 : DIGITAL SIGNATURE STANDARD (DSS). National Institute for Standards and Technology, 2000.
  2. SECG. SEC 2: Recommended Elliptic Curve Domain Parameters. Standards for Efficient Cryptography Group, 1999.

  CG and Budi Rahardjo are discussing. Toggle Comments

   
  • 

    Budi Rahardjo 12:47 pm on August 27, 2010 Permalink | Reply

    langsung di-refer di paper ah … 😀

    • 

      CG 4:06 pm on August 29, 2010 Permalink | Reply

      cari reference dan masukkin ke bibdesk itu satu urusan sendiri 😀 gimana lagi kalau gak pake lyx ya? 😀

  Reply Cancel reply

  Required fields are marked *

  Name *

  Email *

  Website

  Notify me of new comments via email.

  Notify me of new posts via email.

  Δ

• 

  CG 10:15 pm on July 30, 2009 Permalink | Reply
  Tags: curves, nist, secg, standard   

  Standard Elliptic Curves 

  • NIST, Recommended Elliptic Curves for Government Use
  • SECG, SEC 2: Recommended Elliptic Curve Domain Parameters
   
• 

  CG 10:04 pm on April 25, 2008 Permalink | Reply
  Tags: ECC ( 14 ), standard   

  NSA's ECC License Agreement with Certicom 

  Several important things about ECC and some standards on GF(p) or GF(2^m) from this document :

  What is excluded from an NSA sublicense?
  The field is restricted to GF(p) where p is a prime number greater than 2^255.
  If you wish to use smaller field size or the binary field GF(2^m) in your products, then these products would be excluded from the sublicense.

  Why the GF(p) field size?
  GF(p) was chosen because it has been well studied over the last 20 years. For national security applications, the NSA would like to see key sizes of at least 256 bits which is why they specify that p is a prime number greater than 2^255.

  Why did the NSA not license the binary field GF(2^m)?

  The binary field has been well studied over the last 20 years as well and is perfectly secure; however we believe the NSA wanted to limit the implementation choices. The NSA’s stated goal is to foster interoperability amongst secure communications equipment used across various government organizations. By limiting the implementation choices, this interoperability is easier to achieve.

  What is Suite B?
  The NSA announced Suite B at the RSA Conference February 2005. Suite B has two different levels of security, one for classified information and one for sensitive but unclassified information. The algorithms are as follows:

  

  Why has the NSA defined a Suite B?
  We believe Suite B was defined to take advantage of the cryptographic strength of ECC, and to narrow the choices in crypto algorithms. One of the goals is to facilitate sharing of information securely between government organizations which can only be accomplished by setting clear cryptographic standards for systems.
  We believe another of the goals is to address the issue of homogeneous cryptographic strengths for symmetric and asymmetric algorithms. For example AES at 128 bits should be paired with ECC at 256 bits and SHA at 256 bits in order to have the whole system at one cryptographic level. Today there are no such rules, and as a result, there are widespread poor cryptographic practices such as using RSA 1024 to exchange keys for AES 128.

  Why does the NSA like ECC?

  ECC is the only proven pubic key technology that scales in a practical way over time. As computing power increases, it becomes easier to break all cryptosystems so cryptographic keys must increase in size to maintain their strength. The NIST chart below demonstrates this clearly. As you can see, in order to match the AES key strength at 256 bits, you would need to use RSA keys of size 15360 bits. Keys at this size are unusable. With ECC you can use a key size of 512 bits to offer equivalent security.

  

  Why has the US Government endorsed ECC for both classified and sensitive but unclassified?

  We believe the NSA is trying to promote the notion of sharing information securely between Government departments at all levels of communication for Homeland Security. This was a key point in the presentation by Mr. Daniel G. Wolf, the National Security Agency’s Director of Information Assurance, at the 14th Annual RSA Conference in 2005. Setting clearly defined cryptographic standards & protocols are crucial for interoperability and making the sharing of information securely a reality.

  Is the US alone in selecting ECC?
  No. The NESSIE project (New European Schemes for Signatures, Integrity and Encryption) (2000-2003) did extensive evaluation on crypto algorithms. For more information, visit: https://www.cosic.esat.kuleuven.ac.be/nessie/ They recommend ECDSA as a signature scheme and published a chart of key size recommendations that proposes even larger keys than the one above for RSA algorithms.
  In addition, in 2001, the Government of Japan formed the CRYPTREC Evaluation Committee which is composed of eminent Japanese cryptographers. They have aggressively evaluated various cryptographic techniques to recommend the optimum cryptographic techniques necessary for the security of future e-Government systems. They recommend a number of ECC-based protocols including ECDSA and ECDH. http://www.ipa.go.jp/security/enc/CRYPTREC/index-e.html
  Is ECC found in standards?
  Yes. ECC is found in many standards. Here is a brief list.