Page 428 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

               The strengths of various key lengths also vary greatly according to
               the cryptosystem you’re using. The key lengths shown in the
               following table for three asymmetric cryptosystems all provide
               equal protection:


               Cryptosystem      Key length
               RSA               1,024 bits
               DSA               1,024 bits
               Elliptic curve    160 bits




               El Gamal


               In Chapter 6, you learned how the Diffie–Hellman algorithm uses
               large integers and modular arithmetic to facilitate the secure exchange
               of secret keys over insecure communications channels. In 1985, Dr. T.
               El Gamal published an article describing how the mathematical
               principles behind the Diffie–Hellman key exchange algorithm could be
               extended to support an entire public key cryptosystem used for
               encrypting and decrypting messages.

               At the time of its release, one of the major advantages of El Gamal over
               the RSA algorithm was that it was released into the public domain. Dr.
               El Gamal did not obtain a patent on his extension of Diffie-Hellman,
               and it is freely available for use, unlike the then-patented RSA
               technology. (RSA released its algorithm into the public domain in
               2000.)

               However, El Gamal also has a major disadvantage—the algorithm
               doubles the length of any message it encrypts. This presents a major
               hardship when encrypting long messages or data that will be
               transmitted over a narrow bandwidth communications circuit.
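
The following is an added example, not code from the study guide: a textbook El Gamal round trip in Python showing both the Diffie-Hellman step it builds on and why each ciphertext is twice the size of the plaintext block. The prime P, the base G, and the function names are assumptions chosen for illustration; the 127-bit prime is far too small for real use.

```python
import secrets

# Toy parameters constructed for this example (assumptions, not from the book).
P = 2**127 - 1                      # a Mersenne prime; real systems use far larger moduli
G = 3                               # illustrative base
BLOCK = (P.bit_length() + 7) // 8   # bytes needed to hold one value mod P (16)

def keygen():
    """Return (private x, public y = G^x mod P), as in Diffie-Hellman."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def encrypt(y, m):
    """Encrypt integer m (1 <= m < P) under public key y."""
    if not 1 <= m < P:
        raise ValueError("message must be an integer in [1, P-1]")
    k = secrets.randbelow(P - 3) + 2   # fresh ephemeral secret per message
    c1 = pow(G, k, P)                  # sender's Diffie-Hellman public value
    shared = pow(y, k, P)              # G^(x*k): the Diffie-Hellman shared secret
    c2 = (m * shared) % P              # message masked by the shared secret
    return c1, c2                      # two values mod P for one plaintext block

def decrypt(x, c1, c2):
    """Recover m: c1^(P-1-x) is the inverse of the shared secret mod P."""
    inverse_shared = pow(c1, P - 1 - x, P)
    return (c2 * inverse_shared) % P

def to_wire(c1, c2):
    """Serialize the ciphertext pair as fixed-width big-endian bytes."""
    return c1.to_bytes(BLOCK, "big") + c2.to_bytes(BLOCK, "big")

if __name__ == "__main__":
    x, y = keygen()
    message = b"wire 500 USD"          # constructed sample input, fits in one block
    m = int.from_bytes(message, "big")
    c1, c2 = encrypt(y, m)
    recovered = decrypt(x, c1, c2)
    print("round trip ok:", recovered == m)
    print("plaintext block bytes:", BLOCK)
    print("ciphertext bytes:", len(to_wire(c1, c2)))
```

Because a new ephemeral k is drawn for every call, encrypting the same message twice produces different ciphertext pairs.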


               Elliptic Curve


               Also in 1985, two mathematicians, Neal Koblitz from the University of
               Washington and Victor Miller from IBM, independently proposed the
               application of elliptic curve cryptography (ECC) theory to develop