Re: Is this the first ever practically-deployed use of a threshold scheme?

2010-08-04 Thread Tanja Lange
There is more than the UI at stake here, i.e. the basic functionality of the scheme. Say you distribute shares in a 4 out of 7 scheme (ABCDEF) and share A is published on the web. How do you recover from the remaining 3 out of 6 scheme into a 4 out of 6 scheme without having a key

Re: 112-bit prime ECDLP solved

2009-07-17 Thread Tanja Lange
So with about 1 000 000 USD and a full year you would get 122 bits already now and agencies have a bit more budget than this! Furthermore, the algorithm parallelizes extremely well and can handle a batch of 100 targets at only 10 times the cost. No it cannot handle a bunch of a hundred

Re: 112-bit prime ECDLP solved

2009-07-14 Thread Tanja Lange
We are pleased to announce that we have set a new record for the elliptic curve discrete logarithm problem (ECDLP) by solving it over a 112-bit finite field. The previous record was for a 109-bit prime field and dates back from October 2002. First of all congratulations to the team at EPFL!

Re: Who cares about side-channel attacks?

2008-11-03 Thread Tanja Lange
Examples of side channel analysis on real systems I however have never seen in the field. Any rumors would be highly appreciated. At Crypto'08 a team from Bochum demonstrated their side-channel attack on KeeLoq. There were some theoretical attacks before but the SCA really broke it. KeeLoq