I came across an interesting article on elliptic curve digital signatures.
http://infosecurity.ch/20100926/not-every-elliptic-curve-is-the-same-trough-on-ecc-security/He comes to a remarkable conclusion:
I would like to state that Koblitz curves should be avoided, in any key size as they do not have enough warranty on crypto analytic activity and effectively they are:
Not part of NSA Suite-B cryptography selection
Not part of ECC Brainpool selection
Not part of ANSI X9.62 selection
Not part of OpenPGP ECC extension selection
Not part of Kerberos extension for ECC curve selection
In general, I am not a huge fan of his analysis method which is simply appeal to authority rather than actual discussion of the curves. However there may be something to it. It is worth pointing out that woodcoin is the only coin I know of which follows his recommendations.
The only other coins I know of which do not use Koblitz curves (in particular secp256k1) are the ones built with CryptoNote. CryptoNote usees EdDSA which like Koblitz curves may have some advantages but according to the criteria of the linked article still fails to have been recommended by the various authorities.
Any comments and corrections, especially pointing me to alternative coins, would be greatly appreciated.
-- funkenstein the dwarf
