DNSCurve: an alternative to DNSSEC
Posted Jul 9, 2009 15:42 UTC (Thu) by djao
In reply to: DNSCurve: an alternative to DNSSEC
Parent article: DNSCurve: an alternative to DNSSEC
Disclaimer: I am a researcher working on ECC.
I have no evidence, but my informed opinion is that more people are working on ECC than RSA these days. Even though RSA has been around longer, the unexplored territory for ECC is larger, and researchers tend to concentrate on unexplored areas.
To give one example, the best known attack on ECC can be implemented in about 20 kilobytes of code, whereas the best known attack on RSA requires about 3 megabytes for a typical implementation. (You might complain that it's unfair to compare a high level language to a low level language, but the language difference is actually part of my comparison -- the NFS attack on RSA does not benefit from high-level abstraction, whereas the Pollard rho attack on ECC does.) Putting yourself into a researcher's shoes for a moment, if you had to pick an area for research, knowing that it takes one day to learn how to attack ECC and three months to learn how to attack RSA, and keeping in mind the publish or perish environment of research, which would you choose? In my view it is not really true that making progress on ECC is any harder or more inaccessible than making progress on RSA, and indeed the contrary seems to hold.
Regarding your comment that "RSA is used for practically everything" and that "popularity is damn important", it is true on PC platforms that RSA is much more popular. The situation changes completely, however, when you consider mobile phone platforms, which are computationally constrained and in many cases require ECC. RIM recently bought Certicom (an ECC company), and prior to that had been licensing Certicom technology for many years. Microsoft's smartphones use ECC exclusively as well. I might also point out that the number of mobile phones in the world far exceeds the number of PCs. Again, I have no hard numbers, but I would not be surprised if ECC deployments outnumbered RSA once mobile phones are included.
to post comments)