Cryptography Reference
In-Depth Information
512-bit private key because every single bit (provably) contributes to the security
of the cryptosystem. Remember that the public-key operations are O(n), where
n is the number of bits in the private key. ECC is fast enough, and has a small
enough operating footprint, that it can be used in smartcard implementations.
Although ECC is popular in the banking industry, it's only just now beginning
to find its way into TLS. OpenSSL 1.0, although it includes elliptic-curve
operations, doesn't support TLS 1.2, and therefore doesn't support online ECC.
GnuTLS does support TLS 1.2 and ECC, but that support is disabled by default. I'm not aware
of any commercial (or open source) website or browser that supports TLS 1.2
at the time of this writing. Still, you can expect to see ECC gain in popularity
in the coming years simply because of its speed advantages over RSA and DH.
I revisit ECC in Chapter 4 when I examine ECDSA, and it will be added
to the TLS library in Chapter 9, which covers TLS 1.2.