Getting The Word Out: A Call To Software Developers
The security researchers said software developers need to call the function that supports ECC in their products, rather than the current method of calling the function that supports RSA. ECC is seen as more efficient and secure than the first-generation public key techniques. Software makers also need to support TLS 1.2 on the endpoints. New cryptosystems should support ECC, and old systems can be wrapped to support the newer cryptography. Some current implementations that support ECC are also poorly designed, causing some software to default to the RSA algorithm. The researchers are calling on operating system vendors to make ECC easier to use, with updated documentation to push developers away from RSA.