Eugene Leitl <[EMAIL PROTECTED]> writes: > ---------- Forwarded message ---------- > Date: Sun, 27 Jan 2002 21:10:09 +0100 (CET) > From: Robert Harley <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: Cringely Gives KnowNow Some Unbelievable Free Press... > > Adam Beberg wrote: > >I'm preaty sure the reason we're all using RSA _now_ is the same reason we > >were using DH a couple years ago - the patents are all expired. ECC has a > >bunch of patents still living, and the word among the crypto crowd I know is > >still "avoid like the plague". > > I usually have no particular desire to respond to Beberg's negativism, > but I suppose that I should do so this time. [Discussion of patents deleted]
I see this sort of point-by-point discussion of EC patents a lot. I think it misses the point. If you want to see EC used you need to describe a specific algorithm which has the following three properties: (1) widely agreed to be unencumbered, particularly by the big players. [extra points if you're willing to indemnify] (2) significantly better than RSA (this generally means faster) (3) has seen a significant amount of analysis so that we can have some reasonable confidence it's secure. Until someone does that, the cost of information in choosing an EC algorithm is simply too high to justify replacing RSA in most applications. Mr. Beberg's comment about avoiding ECC like the plague matches my impression of the COMSEC community pretty well. I'm not really part of the crypto community so I can't speak for that. -Ekr --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]