id: Гость   вход   регистрация
текущее время 22:15 28/03/2024
Автор темы: Гость, тема открыта 07/03/2005 05:13 Печать
https://www.pgpru.com/Форум/ПолитикаПравоРеальныйМир/ВСШАСтандартизировалиEC-криптографию
создать
просмотр
ссылки

В США Стандартизировали EC-криптографию


NSA сегодня опубликовала новые криптостандарты основанные на эллиптических кривых. Интересно, что решились они на это только через 4 года после РФ и 3 года после Канады, хотя работать начали над стандартами примерно тогда же (конец-середина '90-х).
Ссылка (журнализм): http://www.eet.com/sys/news/sh.....l? ArticleId=60404977
Если найду чего-то получше, то обязательно напишу.


Основная проблема с EC-crypto состоит в том, что для решения задачи дискретного логарифма там ПОКА неприминимы самые современные методы, которые применимы к группам по модулю простого числа. Некоторые эксперты (например Брюс Шнайр) предупреждают, что в этой области прорыв вполне возможен и тогда EC криптография утратит все приймущества перед модулярной.


Даже сейчас он рекомендует использоват EC алгоритмы только там, где короткий ключ — техническая необходимость, как например в смарт-картах и т. д. Для приминения на ПК рекомендуется использовать традиционую модулярную арифметику с длинными ключами.


 
Комментарии
— SATtva (08/03/2005 15:08)   профиль/связь   <#>
комментариев: 11558   документов: 1036   редакций: 4118
[quote:f3e6edd854="Certicom в своём пресс-релизе"]**NSA names ECC as the exclusive technology for key agreement and digital
signature standards for the U. S. government

Certicom's ECC-based solutions enable government contractors to add security
that meets NSA guidelines**

MISSISSAUGA, ON, March 2 /CNW/ – Elliptic Curve Cryptography (ECC), a
strong, efficient public key cryptosystem, will soon become the standard to
protect U. S. government communications. On February 16, 2005 at the RSA
conference, the National Security Agency (NSA) presented its strategy and
recommendations for securing U. S. government sensitive and unclassified
communications. The strategy included a recommended set of advanced
cryptography algorithms known as Suite B for securing sensitive and
unclassified data.

The only public key protocols included in Suite B are Elliptic Curve
Menezes-Qu-Vanstone (ECMQV) and Elliptic Curve Diffie-Hellman (ECDH) for key
agreement and Elliptic Curve Digital Signature Algorithm (ECDSA) for
authentication. The Advanced Encryption Standard (AES) for data encryption
and SHA for hashing are also included. All of the Suite B algorithms are
consistent with the National Institute of Standards and Technology (NIST)
publications.

Interoperability and information sharing are two key principles in the
NSA strategy. In his remarks, Daniel Wolf, the NSA's information assurance
director discussed the importance of sharing information between departments
and using consistent and strong standards to protect that information. The
NSA recommends that the same level of security that is used to protect
mission critical information – ECC-based protocols – now be extended to
protect sensitive and unclassified data.

"The NSA strategy is major news for the security industry and all
government agencies or suppliers because it sets the security standards for
at least the next few decades. The NSA has stated that there are more than
1.3 million cryptographic devices in the U. S. inventory, over 75 percent of
which will be replaced during the next decade under the U. S. Crypto
Modernization Program," said Scott Vanstone, Certicom's founder & executive
vice-president strategic technology. "A system is only as strong as its
weakest link. By using the same high level of protection for all
communications, especially security that is standards-based and
interoperable, agencies and all organizations can establish a trusted system
that is much harder to compromise."

ECC is a publicly-available algorithm and Certicom is known as the ECC
pioneer and expert, having researched and developed ECC-based
implementations and security for the past 20 years. In 1997, Certicom
developed the industry's first toolkit to include ECC which has since been
adopted by over 300 organizations. Today, its Certicom Security
Architecture, a modular set of security services, software cryptographic
providers (including a FIPS 140-2 Validated cryptographic module), and board
support packages, enables device manufacturers and other government suppliers
to easily add strong, efficient cryptography that meets the NSA
recommendations and NIST publications.

]>
— Lustermaf (30/10/2005 18:20)   профиль/связь   <#>
комментариев: 225   документов: 8   редакций: 2
GnuPG с ECC:
http://alumnes.eps.udl.es/~d4372211/index.en.html
Ваша оценка документа [показать результаты]
-3-2-1 0+1+2+3