Scott Vanstone, from Certicom, polemicizes for elliptic curve cryptography. He advances his company's view that ECC is the next generation of public-key cryptography for wireless.
Recent cryptanalytic advances have caused increased discussion about public key sizes and the security required. One particular advance was put forward this past February by Dr Adi Shamir, the 'S' in RSA, which raises new concerns about the security of 1024-bit RSA. His paper describes a new hardware implementation for factoring that improves the running time of the Number Field Sieve by three to four orders of magnitude over current implementations. With this hardware, Shamir estimates the factoring for 512-bit RSA can be completed in 10 minutes by a $10 000 device and 1024-bit RSA in less than 1 year with a $10 million device.
Public-key schemes are typically used to transport or exchange keys for symmetric-key ciphers. A well-designed symmetric-key algorithm that uses an m-bit key should provide m bits of security. That is, to find the key being used would require the adversary to search exhaustively through the key space that has 2m keys in it.