Re: Elliptic Curve Encryption Scheme or Elliptic Curve Intergrated Encryption Scheme
From: Roger Schlafly (rogersc_at_mindspring.com)
Date: 11/25/03
- Next message: J. Campbell: "Re: sci.crypt sandbox"
- Previous message: Leonardo Barbosa e Oliveira: "doubts about rc4"
- In reply to: Maxlim: "Elliptic Curve Encryption Scheme or Elliptic Curve Intergrated Encryption Scheme"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 Nov 2003 16:08:06 GMT
"Maxlim" <maxlim79@hotmail.com> wrote
> Can anybody tell me why ECES was not included in IEEE public-key
> standard (P1363-2000)? Why almost all encryption scheme which involves
> elliptic curve cryptography proposed in the form of DHAES? What
> happened to ElGamal encryption scheme?
ElGamal is susceptible to a chosen ciphertext attack. That is, given
an encrypted message (ie, ciphertext), an adversary can easily construct
another ciphertext that decrypts to the same original message. For
most systems this is not a problem, but it is desirable to avoid the
attack anyway.
> Is there any significant
> cryptographic weakness if we implement elliptic curve encryption
> scheme without involving symmetric encryption scheme, message
> authentication code, cryptographic hash function and etc, just like
> RSA encryption scheme??
Nearly everyone who uses RSA encryption actually uses RSA to
encrypt a key which is then used for a symmetric encryption scheme.
I don't think that there is much interest in avoiding symmetric schemes.
- Next message: J. Campbell: "Re: sci.crypt sandbox"
- Previous message: Leonardo Barbosa e Oliveira: "doubts about rc4"
- In reply to: Maxlim: "Elliptic Curve Encryption Scheme or Elliptic Curve Intergrated Encryption Scheme"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
