[Ach] Applied Crypto Hardening
azet at azet.org
Wed Dec 11 23:27:44 CET 2013
On 11 Dec 2013, at 20:26, Christoph Mueller <christoph.mueller at gmx.at> wrote:
> - In chap. 6 you mentioned: "The security of the RSA and Diffie-Hellman algorithms is based on the assumption that factoring
> large primes is infeasable. Likewise the security of ECC is based on the discrete logarithm problem”
> RSA is based on factoring, DH is based on discrete logarithm problem. therefore DH can be transformed into a ECC Version (ECDH) as well as for example DSA to ECDSA.
I wrote the ECC section. Until a week ago it used to state the DLP but failed to mention prime factoring with RSA (https://git.bettercrypto.org/ach-master.git/commitdiff/72b9d678beaa7f3d44a6c566333929f51e30ae87). So I’ve changed that from bad to worse probably - I just couldn’t find the proper wording to get all three (RSA, DH and ECC in one comparison). Feel free to do so.
Bergs suggestion is not bad.
> RSA can not be transformed in that way (there is no ECRSA as some former TU assistant which was concerned with cryptography told me long ago). In http://www.emc.com/emc-plus/rsa-labs/historical/overview-elliptic-curve-cryptosystems.htm it is mentioned that such a thing can exist but then na ECC over a GF(p*q) has to exist, which AFAIK is not possible.
There are actually such things:
Thanks a lot for your contribution and suggestions!
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Ach