ok here is a fun fact.
I program every single day of my life.
I understand what curves are, and why and how they get used in encryption. but it is a rudimentary understanding.
I cannot understand why there needs to be a standard curve that gets used. I get that there are programming standards.
I get that using curves is important. but I do not see the use in getting a standard curve, all that can lead to is a possible breach in encryption.
rather than having a standard for the curve you use there should be a machine with insane amounts of processing power, and the ability to attempt a force break of encryption.
so to have your encryption passed by the regulator, the encrypted file should be put under the crucible of a force break by one of the most powerful computers ever made. your certificate level is then awarded on amount of time it took the computer to force its way through.
Imagine google coming in and saying we have increased our encryption procedure from a 14 hour to a 16 hour encryption.
is it just me or does that actually seem like a solid idea? maybe I just misunderstood the entire thing.