Interesting article about encryption.

Dual Elliptic Curve Deterministic Random Bit Generator.

About BBC's article: http://www.bbc.co.uk/news/technology-24048343 (and more official version of what happened is on http://en.wikipedia.org/wiki/Dual_EC_DRBG, original from http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-r...).


All decisions of "approved" / "not-approved" encryption algorithms, based on "SP-800-57" and the document uses definition of word "strength".

As it is specifies on page 61: "…two algorithms are considered to be of comparable strength for the given key sizes (X and Y) if the amount of work needed to “break the algorithms” or determine the keys (with the given key sizes) is approximately the same using a given resource".

Nobody disagree with such approach. And even more, next paragraph stated: "Determining the security strength of an algorithm can be nontrivial."

Basically document points that "strengths" of encryption is “speculation” - nothing more.

But on page 63 presents Table 2 "Comparable strengths". Table is a central and main source, in ALL arbitration of : “ be approved" / "not be approved" / “recommended” / “non-recommended”  algorithm/random number generators (in terminology of document DRBG – “Deterministic Random Bit Generator”), and that table consists of "speculations" - i.e: AES-256 has more "strengths" than AES-128 (!), or RSA compares with AES (!??!), or with Elliptic curves encryptions.

Actually. That table is the prime source for those articles (mentioned above).

In our "Satellite Communication Protocol" product we decided to use non-speculative, real secure solutions (random-number-bits sequence) to satisfy high expectation of our future customers.

Share this Page

Become a Part of the Future! Sign Up for Our Newsletter: