2008/03/23

Quantum cryptoanalysis

By Schneier, I read a nice article about how hard will kick the quantum cryptoanalysis.

Specially is interesting for me the the post says, about RSA 4096-bit key, "
if you want something stronger, you should shift to elliptic curve".

Why this sentence? I think is the reason of our current work (an article is coming soon). If one cryptoanalyst is working against you, and you have this 4096 key, your only choose is to revoke this compromised key and generate a new one larger. But over elliptic curves, only giving a new curve (over the same finite field or another) this hypothetical quantum cryptoanalysis has to be dropped and restarted.

Further more, having a base curve over the one you can describe isogeny volcanoes (bigger enough volcanoes). We are working on a cryptosetup reset in order to move your key to a new place (a new ciclic group where your ECDLP will live) where your hunter will be annoyed because all their computations has to be forget and restarted...

No comments: