Re: [Cfrg] Defining inter operable ECC keys in for IETF protocols

[Yvonne Cliff <hitchcock at isrc.qut.edu.au>]

On Wed, 15 Mar 2006, Ólafur Guðmundsson wrote:

> What the DNSEXT working group is looking for is some guidance on how
> to create a SHORT list of fields/curves to use by ECC in the DNS context
> and/or wider IETF context.

Have you looked at the existing standardized NIST and SECG curves?

NIST (National Institute of Standards and Technology), US Department of 
Commerce.  FIPS 186-2, digital signature standard (DSS).  Federal 
Information Processing Standard (FIPS), January 2000. 
http://www.csrc.nist.gov/publications/fips

SEC 2. Recommended Elliptic Curve Domain Parameters. Standards for 
Efficient Cryptography
Group, September, 2000. Working Draft. Available from: 
http://www.secg.org/

> Nice feature: In the DNS world we are more interested in keeping
> Verification time down than signing time, RSA with small exponent is quite
> nice in this regards. I do not know if the choice of ECC variant has any
> impact on the difference between signing and verification time.

ECCs are based on the discrete logarithm problem (in an EC group), not a 
factorization problem, so one would use EC-DSA for signing, for example. 
This does not have a verification time as fast as RSA.  For timings, see:

http://indigo.ie/~mscott/

Regards,
Yvonne


-------------------------------------------------------------------------------
Dr. Yvonne Cliff
Research Associate
Information Security Institute
Queensland University of Technology
126 Margaret Street
GPO Box 2434
BRISBANE        4001
E-mail: hitchcock at isrc.qut.edu.au
ABN:  83 791 724 622
CRICOS No 00213J
-------------------------------------------------------------------------------

_______________________________________________
Cfrg mailing list
Cfrg at ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg