Jon Callas <jon(_at_)callas(_dot_)org> wrote:
If you're happy with 128-bit security, then you don't need ECC. RSA is
just fine. If you want 256-bit security, then you have a quandary. You
either need to go beyond 4096-bit RSA keys, or go to ECC. It's that
simple.
I agree.
I wrote some program for Ruby OpenSSL Sample.
openssl-0.9.8h + ruby-1.9.0-4
http://h2np.net/tips/wiki/index.php?RubyOpenSSLDigitalSignatureSample
Symmetric ECC RSA/DSA
1 80 160 1024
2 112 224 2048
3 128 256 3072
4 192 384 8192
5 256 521 15360
Sign+Verify time (sec)
ECDSA DSA RSA-SIGN
1 2.555977 0.929024 1.076000
2 2.926534 2.645445 5.111679
3 3.592816 5.505652 14.402504
4 7.161274 30.169381 191.516328
5 9.017966 - -
(sec)
RSA/2K-key isn't so slow, it's OK. RSA/3K-key is slow but acceptable.
Regards,
---
Hironobu SUZUKI <hironobu at h2np dot net>
FSIJ / WCLSCAN / OpenPKSD
Tokyo, Japan.