
ECC vs RSA encryption : OpSec | Torhoo darknet markets

[removed]
They both have pros and they both have cons. One isn't inferior. ECC is more efficient and faster and will probably lead the way in the future. But that doesn't make RSA useless. RSA has stood the test of time. It’s an extremely well-studied and audited algorithm as compared to modern algorithms such as ECDSA and has simplicity. ECC has its merits. But there is a time for everything.
/u/maxdroo1
3 points
3 years ago
ECC has a large problem that everyone should be aware of. Many of the common
curves have suspected backdoors in the implementation. Especially those that
were written and proposed as standards by NSA personnel.

This is not yet proven, but there is circumstantial evidence leaked that shows
corporate payoffs have taken place to get companies to start using these
suspected curves. Some of these leaks come from the Snowden documents.

Furthermore, some of the base constant values in these implementations are
not known safe values, which makes some cryptographers nervous. Check out
Bruce Schneier's blogs for a good resource on this. Direct quote:
"I no longer trust the constants. I believe the NSA has manipulated them
through their relationships with industry."

I'd say that for most people it's best just to use the largest RSA key you can,
if you want maximum safety.
/u/Gorgon Encrypted OpSec Warrior
1 points
3 years ago*
RSA is more commonplace -- virtually every 'PGP' software package out there knows how to handle RSA keys; only the most modern and up to date software knows how to handle ECC keys.

HeadJanitor is right -- RSA has been proven over the decades; on the other hand, some people believe it is too long in the tooth. 2048-bit keys are expected to become vulnerable circa 2030 -- just another 8 years from now. 4096-bit keys may be good for another 10-15 years after that.

If you are serious about data security past 2040-2050, then you need to use 512-bit ECC keys. It all depends on your threat model.
/u/corruptedmind
1 points
3 years ago
I have a question: why would people even choose to encrypt with the 2048-bit option since it's so easy just to put it up to 4096? Is there any reasoning for that?
/u/strace
2 points
3 years ago
Because 4096 bit RSA adds significantly more overhead and resources required to use it. Ever see someone try to include their 4096 bit RSA key in their post signature? It's annoying as hell seeing as how it scrolls the full screen.

Because of the continued steady advancement of Moore's Law, the resource requirements of 4096 bit RSA keys aren't as big a deal now as they used to be even 5 years ago. But opsec is always a tradeoff with convenience. As long as it's still easier and more convenient to create and use a 2048 bit RSA key, most people will choose to opt for the simpler solution.
The real reason that 2048-bit keys were standard for so long was because of embedded devices -- these have limited RAM/CPU, so using 4096-bit keys was discouraged, because it takes approximately 16x as many cycles to generate/use a 4096-bit key as opposed to a 2048-bit one.

The reason that 2048-bit keys are still being used, is that they are still the default for older software -- in the 2.2.x releases, 3072-bit keys are now default, because 2048-bit keys are increasingly shaky. In the development 2.3.x releases, Curve25519 keys are now the default. RSA keys will be considered legacy within 5 years.
/u/strace
1 points
3 years ago
Good point.
/u/dystopia_dev
1 points
3 years ago
Can anyone ELI5 the difference?
/u/strace
4 points
3 years ago
ECC: Speed, efficiency, most recent
RSA: Slower, older, but still has a use case because it was such a groundbreaking algorithm in its day.

Only upside RSA has in a straight comparison with ECC is that it is theoretically more resistant to quantum brute forcing, but seeing as how quantum computing is not at the stage where it can hack either RSA or ECC it remains in the realm of theory at this point.