Howdy, I blew it the first time, but the correct elliptic.2.tar now sits on ftp.csua.berkeley.edu/pub/cypherpunks/ciphers. This version is twice as fast as eliptic.tar. A newer version of the elliptic.2.doc is being fixed right now, the only difference with what is posted is a correct reference to the CRYPTO '95 article on polynomial basis inversion. Enjoy. For a compiled version on Sun or under Borland C++ contact Steve Albrecht (eh@mcs.com). He is in the process of setting up macros to get this to compile under just about any unix system. He's also fixed quite a few bugs and is cleaning up a bunch of uninitialized data structures that I didn't notice. Last I heard it was working, so if you want to play on a specific platform, contact Steve directly. Hilarie Orman from U. Arizona (one of the authors of the CRYPTO '95 paper) thinks that calling elliptic curves "strong crypto" may be over selling it. I'm not enough of a mathematician to know how to argue, but it seems to me that almost perfect random output is about as close to strong crypto as one could get. Security thru obscurity doesn't work, elliptic curves are obscure and so far not studied to the same extent as RSA or DES. However, I'll make the claim that elliptic curves are "strong crypto" until proven otherwise. Along those lines, does any one have a classic text to encrypt for a plaintext/ciphertext challenge? I'll put something together and post it in the next few weeks. I'll use the symmetric encryption subroutine. If there is any interest, should I put out a public key challenge as well? Note, I ain't rich, so only token prizes (like $50 ecash and $50 real for each challenge). The point is to check if this is credable crypto, that's all. E-mail replies to cryptech@mcs.com. Thanks for reading this! Patience, persistence, truth, Dr. mike