SlideShare a Scribd company logo

ECC Elliptic Curve Cryptography Encryption and SSL Certificate

Download as PPTX, PDF
CheapSSLsecurity
CheapSSLsecurity

ECC (Elliptic Curve Cryptography) Encryption and SSL Certificate explained in details, learn the main difference between RSA, DSA and ECC Encryption SSL.

Technology
1 of 14
ECC ENCRYPTION AND SSL CERTIFICATE
UNDERSTANDING ELLIPTIC CURVE CRYPTOGRAPHY AND HOW IT RELATES TO SSL/TLS • You may notice that a couple of the Symantec products we offer, namely the Symantec Secure Site Pro line, advertise something called “ECC” or Elliptic Curve Cryptography. This is a mathematical method that can be applied to SSL/TLS Encryption. • ECC is actually not new, it’s been around for about a decade at this point, but given the fact it’s yet to be widely adopted it remains a mystery to many people.
• ECC is incredibly complex, which is why we’ll avoid getting too granular in our discussion of it at this point (that can be saved for future posts), instead we’re going to give you the main points about ECC in case you’re interested in purchasing an SSL Certificate that makes use of it.
WHAT EXACTLY IS ECC? • There are a broad range of applications for Elliptic Curve Cryptography, when it comes to its applications to SSL it can be used to create encryption keys, to provide digital signatures, and more. • With any SSL Certificate there are quite a few cryptographic functions taking place. Every SSL Certificate has a key pair and a hash, and they all involve authentication and key exchange, ECC can be used for any of these functions.
• So what does that all mean? Well, it means ECC can be the backbone of your SSL Certificate in a number of ways. And while a layman likely wouldn’t know the difference between an SSL Certificate that uses ECC and one that uses more traditional methods, there is a significant difference in performance. • And frankly, as the need for greater security grows and the current methods strain to grow with it, that performance gap will only continue to grow, but we’ll talk more about that later.
• Other methods that are currently used with SSL include RSA and DSA, you may have seen these advertised in various SSL Certificate details as well. RSA is named after its creators: Rivest, Shamir and Adleman. DSA is an acronym for Digital Security Algorithm (it was developed by the United States government). Of the two, RSA is the more widely used algorithm. • We won’t spend too much time on the differences between these two except to say they make calculations differently. In fact, all three make calculations differently. We’ll spare you the mathematical details, but suffice it to say those differences have some pretty large ramifications on the long-term viability of each.
POWERFUL PERFORMANCE • Every day computers become more and more powerful. As you read this, in labs around the world, scientists are tinkering with quantum computers that will one day make the lightning fast performance of the computers we use currently seem absolutely pedestrian. That is to say, the processing power of computers continues to increase every day. • In order to stay ahead of those advancements, encryption technology needs to continue advancing as well. Right now, we measure encryption strength in “bits of security” or just bits. This refers to how much work a computer would need to do to break said encryption. You probably see things like 2048-bit key and 256-bit encryption strength thrown around all the time.
• In order to break encryption, a computer literally needs to guess, which means trying millions of combinations of bits. The time this takes depends on the computer’s processing power. • To give you a sense of scale, given our current industry standards, it would likely take an organization like the NSA, which has massive amounts of computing resources – over a decade to break encryption. But, as we mentioned earlier, as computer processing power continues to increase, the time it would potentially take to break encryption continues to shorten.
SO HOW DOES THIS TIE IN TO ECC, RSA AND DSA? • Well, how many “bits of security” these methods provide depends on a range of factors. And it’s not actually a 1:1 type of situation. For instance, a 2048-bit RSA key doesn’t actually provide 2048 “bits of security,” rather it provides only 112. • Here’s where ECC shines. If you double the size of an RSA key to 4096, you’re not doubling the number of “bits of security.” In fact, you’re actually only going to see about a 20% gain. That means a more cumbersome key, which is going to hurt performance and not increase the level of security that substantially.
• ECC on the other hand can achieve equivalent “bits of security” using much smaller keys. And when we say much smaller, we’re talking like 90% smaller. This in turn means better performance. It also means better scalability. As industry standards increase, RSA and DSA keys will become larger and more unwieldy and ECC will start becoming more widely adopted. • Already, large sites – let’s call them mega-sites – like Facebook and Cloudflare are using ECC because of the massive performance benefits. • Granted, for a smaller site, you may not notice much of a difference. But again, it’s all about scalability.
ADOPTING ECC • As we mentioned, ECC is currently only in use by a small number of sites. For your average company or organization, the performance difference is negligible. The SSL Handshake still takes place in a matter of milliseconds even with RSA and DSA keys. Given the way humans perceive time, a performance difference that deals in milliseconds – even if it is up to 100% better – isn’t even noticeable. • And to that end, recent data from Mozilla’s TLS Observatory says over 90% of SSL Certificates in use today use RSA keys, while just 4% use ECC. RSA has pretty much been king since SSL was invented.
• Because of this, server and client software has been slow to support ECC and many CAs don’t even provide it as an option (as we said at the beginning of this article, even within our sizeable product log, only a few high-end Symantec Certificates offer it). • But, as the processing power of computers continues to advance and forces industry standards to call for more secure keys and encryption strength, ECC is going to see substantial growth in terms of its popularity. RSA and DSA will soon be pushed beyond their reasonable limits and ECC is their logical successor. • So why wait for the industry to tell you to use ECC? Invest in it now and stay ahead of the curve. After all, ECC is the future. It’s just a matter of when you want to embrace it.
IMPORTANT RESOURCES • Symantec SSL Certificates – The Next Evolution in Business Security • Why EV SSL Certificates Are Perfect for Startup E-Commerce Companies • HTTPS Encryption for iOS and Android – A Step Towards Cybersecurity Awareness
FOR MORE DETAILS ON ECC ENCRYPTION Blog: cheapsslsecurity.com/blog Facebook: CheapSSLSecurities Twitter: SSLSecurity Google Plus: +Cheapsslsecurity

Recommended

Substitution Cipher
Substitution CipherSubstitution Cipher
Substitution CipherAgung Julisman
 
Ch03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardCh03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardtarekiceiuk
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationVittorio Giovara
 
Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3koolkampus
 
Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Joshua Thijssen
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSAShafaan Khaliq Bhatti
 
Ecc2
Ecc2Ecc2
Ecc2manikandan varadharaju
 

Recommended

Substitution Cipher
Substitution CipherSubstitution Cipher
Substitution CipherAgung Julisman
 
Ch03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardCh03 block-cipher-and-data-encryption-standard
Ch03 block-cipher-and-data-encryption-standardtarekiceiuk
 
Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Information and data security block cipher and the data encryption standard (...
Information and data security block cipher and the data encryption standard (...Mazin Alwaaly
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationVittorio Giovara
 
Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3koolkampus
 
Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Joshua Thijssen
 
Public key cryptography and RSA
Public key cryptography and RSAPublic key cryptography and RSA
Public key cryptography and RSAShafaan Khaliq Bhatti
 
Ecc2
Ecc2Ecc2
Ecc2manikandan varadharaju
 
Cryptography
CryptographyCryptography
CryptographyAnandKaGe
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
CNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve CryptosystemsCNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve CryptosystemsSam Bowne
 
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)Entrust Datacard
 
Substitution cipher
Substitution cipher Substitution cipher
Substitution cipher Shafiqah Emilia
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptographysubhradeep mitra
 
Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Joshua Thijssen
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation harshit chavda
 
Information and data security block cipher operation
Information and data security block cipher operationInformation and data security block cipher operation
Information and data security block cipher operationMazin Alwaaly
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
PUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONPUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONraf_slide
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 
What is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesWhat is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesCheapSSLsecurity
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityCheapSSLsecurity
 
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH ErrorHow to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH ErrorCheapSSLsecurity
 
Apache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting GuideApache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting GuideCheapSSLsecurity
 
Multi Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurityMulti Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurityCheapSSLsecurity
 
Various Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and KeytoolVarious Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and KeytoolCheapSSLsecurity
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?CheapSSLsecurity
 

More Related Content

Viewers also liked

Cryptography
CryptographyCryptography
CryptographyAnandKaGe
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithmsRashmi Burugupalli
 
CNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve CryptosystemsCNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve CryptosystemsSam Bowne
 
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)Entrust Datacard
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptographysubhradeep mitra
 
Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Joshua Thijssen
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation harshit chavda
 
Information and data security block cipher operation
Information and data security block cipher operationInformation and data security block cipher operation
Information and data security block cipher operationMazin Alwaaly
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
PUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONPUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONraf_slide
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signaturesRohit Bhat
 

Viewers also liked (15)

Cryptography
CryptographyCryptography
Cryptography
 
symmetric key encryption algorithms
symmetric key encryption algorithms symmetric key encryption algorithms
symmetric key encryption algorithms
 
CNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve CryptosystemsCNIT 141: 9. Elliptic Curve Cryptosystems
CNIT 141: 9. Elliptic Curve Cryptosystems
 
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)
Zero to ECC in 30 Minutes: A primer on Elliptic Curve Cryptography (ECC)
 
Substitution cipher
Substitution cipher Substitution cipher
Substitution cipher
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptography
 
Alice & bob public key cryptography 101
Alice & bob public key cryptography 101Alice & bob public key cryptography 101
Alice & bob public key cryptography 101
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
 
Information and data security block cipher operation
Information and data security block cipher operationInformation and data security block cipher operation
Information and data security block cipher operation
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
PUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTIONPUBLIC KEY ENCRYPTION
PUBLIC KEY ENCRYPTION
 
Introduction to Digital signatures
Introduction to Digital signaturesIntroduction to Digital signatures
Introduction to Digital signatures
 

More from CheapSSLsecurity

What is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesWhat is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesCheapSSLsecurity
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityCheapSSLsecurity
 
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH ErrorHow to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH ErrorCheapSSLsecurity
 
Apache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting GuideApache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting GuideCheapSSLsecurity
 
Multi Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurityMulti Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurityCheapSSLsecurity
 
Various Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and KeytoolVarious Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and KeytoolCheapSSLsecurity
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?CheapSSLsecurity
 
Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017CheapSSLsecurity
 
The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018CheapSSLsecurity
 
Is your business PCI DSS compliant? You’re digging your own grave if not
Is your business PCI DSS compliant? You’re digging your own grave if notIs your business PCI DSS compliant? You’re digging your own grave if not
Is your business PCI DSS compliant? You’re digging your own grave if notCheapSSLsecurity
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafeCheapSSLsecurity
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms WorkCheapSSLsecurity
 
Quantum Computing vs Encryption: A Battle to Watch Out for
Quantum Computing vs Encryption: A Battle to Watch Out forQuantum Computing vs Encryption: A Battle to Watch Out for
Quantum Computing vs Encryption: A Battle to Watch Out forCheapSSLsecurity
 
Symantec (ISTR) Internet Security Threat Report Volume 22
Symantec (ISTR) Internet Security Threat Report Volume 22Symantec (ISTR) Internet Security Threat Report Volume 22
Symantec (ISTR) Internet Security Threat Report Volume 22CheapSSLsecurity
 
Hashing vs Encryption vs Encoding
Hashing vs Encryption vs EncodingHashing vs Encryption vs Encoding
Hashing vs Encryption vs EncodingCheapSSLsecurity
 
Understanding SSL Certificate for Apps by Symantec
Understanding SSL Certificate for Apps by SymantecUnderstanding SSL Certificate for Apps by Symantec
Understanding SSL Certificate for Apps by SymantecCheapSSLsecurity
 
Thawte Wildcard SSL Certificates – Enable Sub-Domains Security
Thawte Wildcard SSL Certificates – Enable Sub-Domains SecurityThawte Wildcard SSL Certificates – Enable Sub-Domains Security
Thawte Wildcard SSL Certificates – Enable Sub-Domains SecurityCheapSSLsecurity
 
Shift to HTTPS and Save Your Website from the Wrath of Blacklisting
Shift to HTTPS and Save Your Website from the Wrath of BlacklistingShift to HTTPS and Save Your Website from the Wrath of Blacklisting
Shift to HTTPS and Save Your Website from the Wrath of BlacklistingCheapSSLsecurity
 
Microsoft Exchange Server & SSL Certificates: Everything you need to know
Microsoft Exchange Server & SSL Certificates: Everything you need to knowMicrosoft Exchange Server & SSL Certificates: Everything you need to know
Microsoft Exchange Server & SSL Certificates: Everything you need to knowCheapSSLsecurity
 
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurityComodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurityCheapSSLsecurity
 

More from CheapSSLsecurity (20)

What is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesWhat is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple Examples
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
 
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH ErrorHow to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
 
Apache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting GuideApache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting Guide
 
Multi Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurityMulti Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurity
 
Various Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and KeytoolVarious Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and Keytool
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
 
Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017
 
The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018
 
Is your business PCI DSS compliant? You’re digging your own grave if not
Is your business PCI DSS compliant? You’re digging your own grave if notIs your business PCI DSS compliant? You’re digging your own grave if not
Is your business PCI DSS compliant? You’re digging your own grave if not
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You Safe
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
 
Quantum Computing vs Encryption: A Battle to Watch Out for
Quantum Computing vs Encryption: A Battle to Watch Out forQuantum Computing vs Encryption: A Battle to Watch Out for
Quantum Computing vs Encryption: A Battle to Watch Out for
 
Symantec (ISTR) Internet Security Threat Report Volume 22
Symantec (ISTR) Internet Security Threat Report Volume 22Symantec (ISTR) Internet Security Threat Report Volume 22
Symantec (ISTR) Internet Security Threat Report Volume 22
 
Hashing vs Encryption vs Encoding
Hashing vs Encryption vs EncodingHashing vs Encryption vs Encoding
Hashing vs Encryption vs Encoding
 
Understanding SSL Certificate for Apps by Symantec
Understanding SSL Certificate for Apps by SymantecUnderstanding SSL Certificate for Apps by Symantec
Understanding SSL Certificate for Apps by Symantec
 
Thawte Wildcard SSL Certificates – Enable Sub-Domains Security
Thawte Wildcard SSL Certificates – Enable Sub-Domains SecurityThawte Wildcard SSL Certificates – Enable Sub-Domains Security
Thawte Wildcard SSL Certificates – Enable Sub-Domains Security
 
Shift to HTTPS and Save Your Website from the Wrath of Blacklisting
Shift to HTTPS and Save Your Website from the Wrath of BlacklistingShift to HTTPS and Save Your Website from the Wrath of Blacklisting
Shift to HTTPS and Save Your Website from the Wrath of Blacklisting
 
Microsoft Exchange Server & SSL Certificates: Everything you need to know
Microsoft Exchange Server & SSL Certificates: Everything you need to knowMicrosoft Exchange Server & SSL Certificates: Everything you need to know
Microsoft Exchange Server & SSL Certificates: Everything you need to know
 
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurityComodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 

Recently uploaded (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 

ECC Elliptic Curve Cryptography Encryption and SSL Certificate

  • 1. ECC ENCRYPTION AND SSL CERTIFICATE
  • 2. UNDERSTANDING ELLIPTIC CURVE CRYPTOGRAPHY AND HOW IT RELATES TO SSL/TLS • You may notice that a couple of the Symantec products we offer, namely the Symantec Secure Site Pro line, advertise something called “ECC” or Elliptic Curve Cryptography. This is a mathematical method that can be applied to SSL/TLS Encryption. • ECC is actually not new, it’s been around for about a decade at this point, but given the fact it’s yet to be widely adopted it remains a mystery to many people.
  • 3. • ECC is incredibly complex, which is why we’ll avoid getting too granular in our discussion of it at this point (that can be saved for future posts), instead we’re going to give you the main points about ECC in case you’re interested in purchasing an SSL Certificate that makes use of it.
  • 4. WHAT EXACTLY IS ECC? • There are a broad range of applications for Elliptic Curve Cryptography, when it comes to its applications to SSL it can be used to create encryption keys, to provide digital signatures, and more. • With any SSL Certificate there are quite a few cryptographic functions taking place. Every SSL Certificate has a key pair and a hash, and they all involve authentication and key exchange, ECC can be used for any of these functions.
  • 5. • So what does that all mean? Well, it means ECC can be the backbone of your SSL Certificate in a number of ways. And while a layman likely wouldn’t know the difference between an SSL Certificate that uses ECC and one that uses more traditional methods, there is a significant difference in performance. • And frankly, as the need for greater security grows and the current methods strain to grow with it, that performance gap will only continue to grow, but we’ll talk more about that later.
  • 6. • Other methods that are currently used with SSL include RSA and DSA, you may have seen these advertised in various SSL Certificate details as well. RSA is named after its creators: Rivest, Shamir and Adleman. DSA is an acronym for Digital Security Algorithm (it was developed by the United States government). Of the two, RSA is the more widely used algorithm. • We won’t spend too much time on the differences between these two except to say they make calculations differently. In fact, all three make calculations differently. We’ll spare you the mathematical details, but suffice it to say those differences have some pretty large ramifications on the long-term viability of each.
  • 7. POWERFUL PERFORMANCE • Every day computers become more and more powerful. As you read this, in labs around the world, scientists are tinkering with quantum computers that will one day make the lightning fast performance of the computers we use currently seem absolutely pedestrian. That is to say, the processing power of computers continues to increase every day. • In order to stay ahead of those advancements, encryption technology needs to continue advancing as well. Right now, we measure encryption strength in “bits of security” or just bits. This refers to how much work a computer would need to do to break said encryption. You probably see things like 2048-bit key and 256-bit encryption strength thrown around all the time.
  • 8. • In order to break encryption, a computer literally needs to guess, which means trying millions of combinations of bits. The time this takes depends on the computer’s processing power. • To give you a sense of scale, given our current industry standards, it would likely take an organization like the NSA, which has massive amounts of computing resources – over a decade to break encryption. But, as we mentioned earlier, as computer processing power continues to increase, the time it would potentially take to break encryption continues to shorten.
  • 9. SO HOW DOES THIS TIE IN TO ECC, RSA AND DSA? • Well, how many “bits of security” these methods provide depends on a range of factors. And it’s not actually a 1:1 type of situation. For instance, a 2048-bit RSA key doesn’t actually provide 2048 “bits of security,” rather it provides only 112. • Here’s where ECC shines. If you double the size of an RSA key to 4096, you’re not doubling the number of “bits of security.” In fact, you’re actually only going to see about a 20% gain. That means a more cumbersome key, which is going to hurt performance and not increase the level of security that substantially.
  • 10. • ECC on the other hand can achieve equivalent “bits of security” using much smaller keys. And when we say much smaller, we’re talking like 90% smaller. This in turn means better performance. It also means better scalability. As industry standards increase, RSA and DSA keys will become larger and more unwieldy and ECC will start becoming more widely adopted. • Already, large sites – let’s call them mega-sites – like Facebook and Cloudflare are using ECC because of the massive performance benefits. • Granted, for a smaller site, you may not notice much of a difference. But again, it’s all about scalability.
  • 11. ADOPTING ECC • As we mentioned, ECC is currently only in use by a small number of sites. For your average company or organization, the performance difference is negligible. The SSL Handshake still takes place in a matter of milliseconds even with RSA and DSA keys. Given the way humans perceive time, a performance difference that deals in milliseconds – even if it is up to 100% better – isn’t even noticeable. • And to that end, recent data from Mozilla’s TLS Observatory says over 90% of SSL Certificates in use today use RSA keys, while just 4% use ECC. RSA has pretty much been king since SSL was invented.
  • 12. • Because of this, server and client software has been slow to support ECC and many CAs don’t even provide it as an option (as we said at the beginning of this article, even within our sizeable product log, only a few high-end Symantec Certificates offer it). • But, as the processing power of computers continues to advance and forces industry standards to call for more secure keys and encryption strength, ECC is going to see substantial growth in terms of its popularity. RSA and DSA will soon be pushed beyond their reasonable limits and ECC is their logical successor. • So why wait for the industry to tell you to use ECC? Invest in it now and stay ahead of the curve. After all, ECC is the future. It’s just a matter of when you want to embrace it.
  • 13. IMPORTANT RESOURCES • Symantec SSL Certificates – The Next Evolution in Business Security • Why EV SSL Certificates Are Perfect for Startup E-Commerce Companies • HTTPS Encryption for iOS and Android – A Step Towards Cybersecurity Awareness
  • 14. FOR MORE DETAILS ON ECC ENCRYPTION Blog: cheapsslsecurity.com/blog Facebook: CheapSSLSecurities Twitter: SSLSecurity Google Plus: +Cheapsslsecurity