Re: PLEASE HELP - Question about elliptic curve cryptography

From: Gregory G Rose (ggr_at_qualcomm.com)
Date: 01/02/05 

Date: 2 Jan 2005 10:25:09 -0800

In article <1104633777.443786.182220@c13g2000cwb.googlegroups.com>,
 <cpptutor2000@yahoo.com> wrote:
>As the domain parameters corresponding to a curve and its associated
>finite field are system-wide values, could one say that a single curve
>can supply the cryptographic keys to a number of users? As I am new to
>ECC, I am a bit confused.

Yes, basically everyone could use the same curves,
without too much danger. NIST FIPS 186-2 has
recommended curves, for example.

The little caveat to that is that most attacks on
Discrete-log based systems will end up with the
attacker having the ability to calculate arbitrary
discrete logarithms in the group with
comparitively little effort. So basically they'll
break "the curve" and not "a particular key". But
the hypothetical attack that breaks a NIST curve
will probably apply to other curves too, just with
a bit of extra effort. All of this is, of course,
speculation.

Yes, you can all use the same curve.

Greg. 

-- 
Greg Rose
232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C
Qualcomm Australia: http://www.qualcomm.com.au
Quantcast