3

I have started learning about Elliptic Curve Cryptography (ECC). Since the key size required in ECC is relatively smaller than the key size in RSA (to provide the same encryption strength), I wonder whether the smaller key size of ECC makes it vulnerable to brute force attack. Does it?

I'm not very knowledgeable about the ways in which a key can be cracked. But, basically, fewer bits means the number of possibilities can be more quickly guessed or tried!

kelalaka
  • 48,443
  • 11
  • 116
  • 196
abejoe
  • 605
  • 2
  • 6
  • 14

1 Answers1

8

Yes a brute force key-guessing attack would be faster, but:

  1. It would be ridiculously slow for either. E.g. see this for 256-bit keys.
  2. There are faster attacks on both and those attacks break larger RSA sizes than ECC sizes.

Related: Why can ECC key sizes be smaller than RSA keys for similar security?

Community
  • 1
otus
  • 32,132
  • 5
  • 70
  • 165
  • 1
    I like the distinction between key size and key space that has been offered by PYZH. Furthermore, some (future) attacks that use quantum computing may be more efficient for comparable security levels (where QC is not taken into account yet, obviously). Maybe these notions can be incorporated in the answer? – Maarten Bodewes Nov 27 '15 at 12:31
  • @MaartenBodewes, I don't think that distinction gets at the actual issue. For example, you can look at Diffie–Hellman (or IES, if you don't consider DH values keys) and find that the possible key space is pretty dense, but you still need larger public keys than with elliptic curves. – otus Nov 27 '15 at 13:37
  • Regarding quantum attacks, is there something relevant to say beyond that Shor's algorithm would break both systems? – otus Nov 27 '15 at 13:40