Secure Encryption will Take More than Better Algorithms

GCN is reporting on the NSA's move to adopt ECC as a standard for encryption, eventually replacing RSA and Diffie-Hellman. The driver is the fear that keeping messages secure for the next 10 to 20 years will require keys of at least 2,048 bits, which is too computationally demanding. ECC provides encryption that is equally difficult to crack with shorter keys, and the algorithm is easier to compute as well. Switching algorithms may be enough for the NSA, but it's not likely to solve the problems the rest of us face.

NSA’s decision to move to ECC, which appears to be the only option. Experts agree that there is no new technology comparable to ECC. Although there are a number of protocols, there are only two basic technology approaches, George said: integers, used by RSA and Diffie-Hellman, and ECC, he said.

“ECC is the only impressive thing out there,” Kent said. “People don’t get excited every time a new thing comes along. We wait several years and let people try to crack it first. ECC definitely passed the test in this regard.”

Yes, ECC is an impressive technology, but it doesn't address the weakest link in a world where users give out passwords to strangers on the phone, leave wireless networks without encryption because the setup is too difficult, disregard policies on installing unauthorized applications, and have unrealistic expectations about security measures.

Encryption technology will keep changing. Now, if we could just improve the human-factors side of security, we'd really be better off.

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net