[cryptography] What's the point of using non-NIST ECC Curves?

Tony Arcieri bascule at gmail.com
Mon Oct 13 12:14:15 EDT 2014

On Mon, Oct 13, 2014 at 7:51 AM, Derek Miller <dreemkiller at gmail.com> wrote:

> If the NIST curves are weak in a way that we don't understand, this means
> that ECC has properties that we don't understand.

While there's djb's worry that the NSA may have tweaked a curve parameter
in such a way as to generate a curve with a one-in-a-million weakness that
only they know how to exploit, the NIST curves are weak in other known ways:


Additionally, newer curves are being picked with an emphasis on performance

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20141013/45d309e9/attachment.html>

More information about the cryptography mailing list