[cantos]

I've often heard the claim that elliptic curve cryptography is not used much in practice compared to RSA. I don't doubt its true but I would like to have some evidence for it so I can also say it without being a parrot.

I don't know anything about real world implementations of cryptography. How can I go about getting data that RSA is more widely used?

[__david__]

Well, probably the most widely used cryptography is SSL, specifically the kind used in HTTPS. The whole HTTPS ecosystem revolves around certificates authorities that sign your RSA key. So on that fact alone, I would say there's more RSA out there than ECC.

SSH is also very widely used and it has traditionally used RSA keys, though it supports DSA keys, too and, more recently, ECDSA (the "EC" being elliptic curve). Sadly, Mac OS X's built in openssh is an older version that doesn't support ECDSA and apparently Redhat turns off ECDSA support for some sort of legal/patent reasons. So that's another case where RSA is more popular.

[dfox]

SSL/X.509 and that whole ecosystem can use ECDSA based certificates and ECDH as key exchange, because it is explicitly designed to allow multiple variants of encryption algorithms.

There are relatively many widely deployed systems that use ECC because of resource constrains (short signatures, mainly). For example both Microsoft's product keys and FlexLM use something that is at least described in marketing materials as ECDSA.