undefined | Better HN

0 pointsJach1y ago0 comments

Since no one mentioned, a major reason to prefer elliptic curves is that you can get equivalent security for much smaller key sizes.

0 comments

kevin_thibedeau1y ago

I had to implement key generation on an embedded device @ 180MHz. RSA2048 would take upwards of five minutes if you didn't get lucky finding primes early on. Stronger ECC would be done within a second.

tommiegannert1y ago

And the key consituents don't have to be prime. That use of heuristics has always scared me a bit.

dspillett1y ago

Nit-pic: the key constituents only need to be co-prime rather than absolutely prime, though in practise this makes little or no difference.

bluGill1y ago

So far as we know. It scares some people that maybe co-primes working might be a sign of some future attack. Nobody has been able to figure out how such an attack works, but considering RSA is defined for primes, that some non-prime numbers also work is scary.

1 more reply

eddd-ddde1y ago

I remember when I generated my first EC key and added it to an SSH client. I was so surprised by the size of the key I spent some time researching if I had made a mistake.

Honestly impressive.

exe341y ago

nice thank you!

j / k navigate · click thread line to collapse