Scott Vanstone | Cryptography thrown an elliptic curve

 

Connecting state and local government leaders

GCN Interview: One of the inventors of elliptic curve cryptography talks about ECC's emerging role in providing strong security for public-key infrastructures.

Scott Vanstone, along with two of his former students at the
University of Waterloo in Ontario, Alfred Meneze and Mingha Qu,
invented elliptic curve cryptography. As a professor of mathematics
and computer science at the University of Waterloo, Vanstone
devotes much of his research to the implementation of ECC. As
co-founder and executive vice president of strategic technology at
Certicom, he promotes the use of the company's technology in
public-key infrastructures.


He is co-author of 'A Guide to Elliptic Curve
Cryptography.'


GCN: Without getting too deeply into the math, what is
elliptic curve cryptography?


Scott Vanstone: Elliptic curve cryptography is a public-key scheme providing the same functionality as the RSA scheme. [RSA is a publickey algorithm
named after its three inventors, Ronald Rivest, Adi Shamir, and
Leonard Adleman]. The difference is that elliptic curve bases its
security on a much harder mathematical problem than the problem RSA
bases its security on. That translates into being able to use much
shorter key lengths to get the equivalent level of security. There
are really only two commercially viable public- key schemes,
elliptic curve cryptography and RSA. RSA, in my opinion, will be
replaced because of the technological advantages of ECC.


GCN: Is the level of security something that can be proved,
rather than a matter of opinion?


Vanstone: It has been around now for 23 years. It's
been looked at by the best mathematicians in the world, just as RSA
has, and nobody has found any weaknesses in it. It is a
well-established technology.


GCN: Strengths and advantages usually come with some
trade-offs or weaknesses. What are the relative strengths and
weaknesses of ECC?


Vanstone: The strength is a shorter key size. The Advanced
Encryption Standard (AES) is a symmetric key algorithm. It requires
a common key used by both parties. There are three key lengths
specified ' 128, 192 and 256 bits. In good cryptographic
practice, you always match key strengths. If I want to pass a
symmetric key using a public-key scheme, I should be using a public
key that has the same number of bits of security. To exchange a
128- bit key, if we use elliptic curve cryptography, we need to use
a 256-bit ECC key. If we wanted to use RSA to pass that 128-bit
key, we'd need more than 3,000 bits of RSA to get the
equivalent strength. If you want to exchange a 256-bit AES key, you
would need 512 bits of ECC key, and if you use RSA you would have
to use over 15,000 bits. Elliptic curve key sizes scale linearly,
where RSA goes up sub-exponentially. These numbers showing
key-strength equivalents come out of [The National Institute of
Standards and Technology]. This translates to less bandwidth use,
fewer computations and longer battery life. Disadvantages or
weaknesses? We don't know of any.


GCN: If ECC is a more efficient scheme, why has RSA been
implemented in so many PKI applications?


Vanstone: RSA was the first player in the game. RSA was
founded in 1977, and ECC was not discovered until 1985. In the
security industry, there is a huge barrier to entry. It takes an
enormous amount of time to get a foothold. ECC is now at that
stage. It is recognized as being stronger.


GCN: What applications is ECC best suited for?

Vanstone: Any application that requires confidentiality or
encryption of data, data integrity, authentication, or
nonrepudiation. Nonrepudiation with a digital signature is a
concept only public keys can deliver. You can't get digital
signatures and nonrepudiation with a symmetric key scheme.


GCN: The uses you mention are all functions of PKI, which
does not in itself use symmetrical encryption keys. Yet PKI is
typically used to exchange symmetrical keys for encryption. Why use
symmetrical key algorithms at all? Why not do all of the encryption
with public/private keys and PKI?


Vanstone: Symmetric key algorithms such as AES are blazingly
fast. If you are encrypting large messages, AES will likely run a
thousand times faster than public-key encryption. But the
difficulty with symmetric key cryptography is how we exchange the
keys. The answer is public-key cryptography. It's great for
exchanging these keys. It's a hybrid scheme with the best of
both worlds. We use public keys to pass symmetric keys for
encryption.


GCN: How is ECC being used today?

Vanstone: The [Research In Motion] BlackBerry is completely
secured by elliptic curve cryptography. They have adopted 256-bit
AES for protection and ECC at 512 bits for the key exchanges. The
new e-passport standard has elliptic curve in it. It's being
used in digital postal marks to provide digital signatures on those
2-D bar codes you see on an envelope. Another application is
consumer electronics, such as a flat-screen TV. The link between a
DVD player and the TV is a digital link, and content providers will
not give content unless that link is encrypted. In any constrained
environment, ECC is well-suited.


GCN: Does ECC have the government's blessing?

Vanstone: We were approached by the National Security Agency
in 2003, and they got a license for 26 of our technologies. Then at
the RSA Conference in 2005, they announced Suite B. This is the
first time NSA has endorsed a suite of cryptographic algorithms.
That consists of a symmetric key scheme, which is AES; a digital
signature scheme, which is ECC; a key agreement mechanism, which is
ECC; and the hash function [Secure Hash Algorithm] SHA 2. So the
U.S. government likes it.


GCN: What have been the greatest changes in cryptography in
the past 20 years?


Vanstone: I have one foot in academia and I started
Certicom. In my experience, cryptography has gone from a
nice-to-have to a must-have. So it is being built in from the very
beginning rather than bolted on. And we haven't had the
ability in the past to offer high security in very constrained
environments. Elliptic curve cryptography allows us to do that now.
We can provide the same kind of security the banking industry would
want for tiny networked devices.


GCN: What are the greatest challenges that face the
cryptographic industry now?


Vanstone: A big challenge, at least for ECC, is to replace
the legacy equipment that is out there and to put PKI in place.
That is happening.


GCN: What will the next big development in cryptography
be?

Vanstone: There won't be a more efficient scheme, in
my opinion, than ECC. Perhaps way down the road you might see
quantum cryptography. People are talking about it today, but it has
a long, long way to go.



NEXT STORY: Cybereye | The threats ahead

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.