You can't really do a block cipher with a Public Key Cryptosystem (or at least, that's not how it's intended to be used). Usually what you do is you generate some random session key for CS^2, and use a PKC like Elliptic Curve Cryptography to transmit this session key to the other party. Afterwards, you just use CS^2 w/ the session key to encrypt all the traffic.
In terms of raw storage size, yes, ECC has a smaller keyspace than say RSA, but this is mostly due to the fact that on the integer line, primes are fairly sparse (http://mathworld.wolfram.com/PrimeCountingFunctio n.html). Therefore, you need to take a relatively huge chunk of the integer line to be able to grab enough primes such that finding the two primes which make up the key is incredibly tough.
ECC on the other hand, doesn't really have this problem. ECC is a variant on the discrete logarithm problem (http://mathworld.wolfram.com/DiscreteLogarithm.ht ml), where instead of using integers, we use points on the elliptic curve instead. The difference here is that every point on the curve can be used. So, since we don't have all these composite numbers cluttering up the place, the amount of 'space' the elliptic curve takes up is much smaller, and therefore the key is also much smaller.
Two problems exist with ECC. The first is that ECC could possibly be slower than RSA (although it's been argued that this is ok, since your key is much smaller than RSA). The second problem (and this is mostly a personal opinion) is that Certicom essentially has a stranglehold over ECC technology (they own over 130 ECC-related patents). This would make most every decent implementation of ECC very patent-encumbered.
Slashdot Mirror
My apologies, the wording of the posts was misleading.
:-)
Oh well, for anyone who wanted to know how PKC and ECC works, there you go
You can't really do a block cipher with a Public Key Cryptosystem (or at least, that's not how it's intended to be used). Usually what you do is you generate some random session key for CS^2, and use a PKC like Elliptic Curve Cryptography to transmit this session key to the other party. Afterwards, you just use CS^2 w/ the session key to encrypt all the traffic.
o n.html). Therefore, you need to take a relatively huge chunk of the integer line to be able to grab enough primes such that finding the two primes which make up the key is incredibly tough.
t ml), where instead of using integers, we use points on the elliptic curve instead. The difference here is that every point on the curve can be used. So, since we don't have all these composite numbers cluttering up the place, the amount of 'space' the elliptic curve takes up is much smaller, and therefore the key is also much smaller.
In terms of raw storage size, yes, ECC has a smaller keyspace than say RSA, but this is mostly due to the fact that on the integer line, primes are fairly sparse (http://mathworld.wolfram.com/PrimeCountingFuncti
ECC on the other hand, doesn't really have this problem. ECC is a variant on the discrete logarithm problem (http://mathworld.wolfram.com/DiscreteLogarithm.h
Two problems exist with ECC. The first is that ECC could possibly be slower than RSA (although it's been argued that this is ok, since your key is much smaller than RSA). The second problem (and this is mostly a personal opinion) is that Certicom essentially has a stranglehold over ECC technology (they own over 130 ECC-related patents). This would make most every decent implementation of ECC very patent-encumbered.