Why use “recommended” elliptic curves?

416 views

Why do there need to be “recommended” elliptic curves? If “recommended” ones are just ones that someone has found a shortcut for, why isn’t it better to just choose a new random one each time? Is it that decrypting or validating different curves requires different specific code?

In: 0

5 Answers

Anonymous 0 Comments

Not just any random curve has the desirable properties, so you need to pick one that does. So you have two choices:

1. Ask for a recommendation (“*hey pal, do you you have an edge to get me a good curve?*”)
2. Pick one at will and prove it can be used in a cryptographically secure way (“*good luck*”).

Anonymous 0 Comments

I’m not an expert in cryptography, but I believe the idea is that using any old curve for EC you have a chance of generating a predicable value. Using a recommended curve you get something that is at least somewhat proven to produce good values.

Anonymous 0 Comments

On arriving in preschool with your bike the grownups will recommend you to lock it up with a steel chain and a pad lock. However you decide to use your neatly hand crafted paper chain and lock. When its time to go home your bike is gone although you used a chain and lock.
Not every material makes a secure chain and lock. People spent much time in testing different materials and finally came up with recommendations. There may be other yet untested materials even better than steel but there are far more materials that have been proven unfit for the purpose.

Anonymous 0 Comments

This is explained like a 5th year cryptologist. I have not a clue what you are even talking about. Elliptic curves like orbits? Ballistic trajectory? How is a curve good?

Anonymous 0 Comments

A couple of ECs that came out of NIST are considered compromised due to the NSA and not recommended for use.