[OTR-users] OTR-encryption not safe - DSA 1024bit is too short

. dcMhOYBdpZkH at web.de
Wed Dec 12 14:05:36 EST 2012

On 12/12/2012 07:18 PM, Pete Stephenson wrote:
> On 12/12/2012 2:48 PM, . wrote:
>> Or maybe ECC (shorter, comparable, keys), which requires less computing
>> power, with your own curves, not NIST's ones.
> Is there any particular reason why NIST curves are inadequate? I'm not
> aware of any weakness of using NIST curves.
> Cheers!
> -Pete
> _______________________________________________
> OTR-users mailing list
> OTR-users at lists.cypherpunks.ca
> http://lists.cypherpunks.ca/mailman/listinfo/otr-users
Somewhere (and I really tried to find this site again by searching for
like "nist" AND "own curves") I read not to use NIST's curves but use
one's own curves, but why exactly -- maybe NIST can pre-calculate things
and speed up encryption -- I don't know, not an expert on this.
I guess it's also because one shouldn't always trust NIST anyway (in
case of their recommendation which key-sizes to use I trust them because
I can calculate and know more or less how long a key should be).

More information about the OTR-users mailing list