select quotes from "The NSA Is Breaking Most Encryption on the Internet" http://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html """ Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted. ... [regarding magic curve constants] Bruce Schneier • September 5, 2013 4:07 PM I no longer trust the constants. I believe the NSA has manipulated them through their relationships with industry. ... Bruce Schneier • September 5, 2013 7:32 PM "You recommended to 'Prefer symmetric cryptography over public-key cryptography.' Can you elaborate on why?" It is more likely that the NSA has some fundamental mathematical advance in breaking public-key algorithms than symmetric algorithms. [EDITOR: the safety margin for key lengths over time is definitely more reassuring for symmetric ciphers*. and aggravating that hardware security products and other encryption appliances and systems do not accomodate 4k or even 2k keys well, not to mention the varied cipher suites you may prefer...] ... Bruce Schneier • September 5, 2013 4:58 PM "Why are you not going to write about those 'other few things'? Can you write about the here please? I want to keep some secrets in my back pocket. """ * key length recommendations in bits Lenstra and Verheul Equations (2000) symmetric: 70 pubkey. 952 hash: 140 compare to: ECRYPT II 2011-2015 symmetric: 80 pubkey: 1248 hash: 160 and considering projection: ECRYPT II >2041 symmetric: 256 pubkey: 15424 hash: 512