ietf-openpgp
[Top] [All Lists]

Re: ECC in OpenPGP

2010-08-30 21:54:28

Jon Callas <jon(_at_)callas(_dot_)org> wrote:

If you're happy with 128-bit security, then you don't need ECC. RSA is
just fine. If you want 256-bit security, then you have a quandary. You
either need to go beyond 4096-bit RSA keys, or go to ECC. It's that
simple.

I agree.

I wrote some program for Ruby OpenSSL Sample.

openssl-0.9.8h + ruby-1.9.0-4
http://h2np.net/tips/wiki/index.php?RubyOpenSSLDigitalSignatureSample

  Symmetric     ECC     RSA/DSA
1       80      160     1024
2       112     224     2048
3       128     256     3072
4       192     384     8192
5       256     521     15360


Sign+Verify time (sec)

        ECDSA        DSA        RSA-SIGN
1       2.555977     0.929024   1.076000
2       2.926534     2.645445   5.111679
3       3.592816     5.505652   14.402504
4       7.161274     30.169381  191.516328
5       9.017966        -       -
        (sec)

RSA/2K-key isn't so slow, it's OK.  RSA/3K-key is slow but acceptable.

Regards,

---
Hironobu SUZUKI <hironobu at h2np dot net>
FSIJ / WCLSCAN / OpenPKSD
Tokyo, Japan.

<Prev in Thread] Current Thread [Next in Thread>