
An increasingly common question from Microsec's customers and partners is which cryptographic algorithm is better, RSA or ECC. Answers to these questions are collected in this FAQ, taking into account the security, speed and related regulatory requirements of both solutions.
The table below shows how long the different algorithms and key sizes can be used according to ETSI TS 119 312 V1.4.2 and SOGIS ACM 1.2 Recommendation. These are the standards which are also considered by the National Media and Communication Authority (NMHH) as a starting point.
This shows that the RSA algorithm is not usable for a long time, while the ECC algorithm has no time limit on its usability. In any case, ECC is recommended for documents that will be kept for a long time.
The use of RSA-PSS is not recommended because it is virtually unsupported in software.
How powerful and how fast is each algorithm?
The following table, based on NIST SP 800-57, compares the security of each algorithm and key length. The original table was supplemented with Microchip speed comparison data, so that the table also shows the speed difference between the algorithms for different key sizes.
The table shows that the 2048-bit RSA keys in use today provide only 112 bits of security. In contrast, the most common key size for ECC is 256 bits, which provides 128 bits of security, which is nowadays a basic requirement. While ECC achieves the same or higher security than RSA with much smaller key sizes, ECC is at least 10x faster than the RSA algorithm, which provides the same security.
In many areas, industry standards specifically require the use of ECC for smaller key sizes and better performance.
Examples include, but are not limited to, the following standards:
Sources:
NIST SP 800-57 PART 1 REV. 5
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf
RSA vs. ECC Comparison
https://ww1.microchip.com/downloads/en/DeviceDoc/00003442A.pdf
© 2023 Microsec Ltd. | Company registration number: 01-10-047218 | Tax number: 23584497-2-41