On Fri, 04 Nov 2005 19:32:07 +0100, markus reichelt said: > I put the speculations aside and stick with the fact that the NSA > recommends ECC for government use. That's enough for _me_.
There is a rationale reason why NIST (not the NSA) will go for ECC: The forthcoming extended DSA versions using longer hash values will require much longer RSA keys (e.g. 3072 bit for SHA-256). This is due to NIST's estimated relations between key and hash sizes for balanced attack costs. The downside of these new DSA variants is that implementing 3k RSA on small devices is close to impossible. Thus they need to switch to ECC to gain similar security with the ability to implement it on smart cards. Shalom-Salam, Werner _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
