Slashdot Mirror


NSA Announces New Crypto Standards

Proaxiom writes "This week the NSA announced the new US government standard for key agreement and digital signatures, called Suite B. Suite B uses Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Menezes-Qu-Vanstone (ECMQV) for key agreement, and Elliptic Curve Digital Signature Algorithm (ECDSA) for signature generation/verification. This shouldn't be too surprising given that the NSA licensed Certicom's EC patents for $25 million last year. ECMQV is patented by Certicom. ECDH and ECDSA appear to be generally unencumbered."

4 of 220 comments

  1. Obligatory Wikipedia Link by Brock+Lee · · Score: 5, Informative
  2. ECC: What and Why? by clap_hands · · Score: 5, Informative

    Elliptic curve cryptography is (if you squint your eyes) a translation of older crypto techniques onto slightly more exotic mathematical objects. Rather than (say) integers modulo a prime, ECC uses a group of an elliptic curve over some finite field. But the new techniques are analogous to the old: Diffie-Hellman, ElGamal, DSA. The advantage is meant to be that keys can be a lot smaller for an equivalent level of security.

  3. Re:Wait, what? by clap_hands · · Score: 5, Informative

    You can find collisions for SHA-0 faster than expected, and it's claimed that you can do the same for SHA-1 (the attack hasn't yet been published, but it's pretty certain to be genuine). The SHA-2 algorithms (that is, any of SHA-224, SHA-256, SHA-384, or SHA-512) remain uncompromised. See: SHA article on Wikipedia.

  4. Key agreement by ebvwfbw · · Score: 5, Informative

    Everyone, what is proposed is the key agreement algorithm. Please don't confuse this with the encryption method. I see a lot of messages that are misleading on what this is.

    WTH is it? When a key needs to be exchanged between two machines (like two routers for example), a mutually agreed upon key must exist no matter which encryption you use - Blowfish, AES, DES, and on and on. The idea is that only the two machines would know what the real key is and it is done automatically.

    Diffie-Hellman has been used for decades (patent expired in 1997) for this and can be found as close as your nearest Cisco router that has encryption enabled. The new algorithm adds a few new twists to it. Those twists may make the key easier to crack, however. Buyer beware, don't bet your life on a mutually agreed upon key like that. Be sure your keys are very secure. This goes for the so-called quantum encryption channel as well. I don't think it is as secure as they say it is.

    However, for most all of us in the world, this is perfectly safe for digital signature encrypted data. If you have a need to be absolutely sure a signature is valid, don't use the network. Get it on paper.