> (RSA is ubiquitous but getting old; apparently elliptic-key systems are
> gaining favor because they provide more security per bit of key length. I
> don't know whether they're any less compute-intensive than RSA. I'll do some
> research and try to find JS impls of any of these.)
Elliptic-key systems
[http://en.wikipedia.org/wiki/Elliptic_curve_cryptography] are not
about RSA, DSA or whatever. They are mostly about getting the same
security level using less bits, thus you can achieve the same
encryption security using less calculations. So yes, it's less
compute-intensive and they were first used in mobile devices (reduced
memory).
I think all of this is very interesting, secure multi-part
computation, digital signatures, etc. But please use standards and
don't reinvent the wheel unless your sure the standard does not fit
it's own purpose (which happens sometimes :P).
I small note on elliptic curves. They are a mathematical construct
that given two numbers (x and y) allow you to compute another one (z)
but given that z you cannot determine which x and y generated them
[http://www.certicom.com/images/content/resources/ecc_tutorial/ec2_1_3.gif].
The objective of most one-way hash functions is to have something
really simple to compute but very hard to reverse engineer. So this
fits perfectly. Previously we mostly used prime factorization
algorithms and some others i forgot :P
Nuno