Schneier (and RSA) on Bernstein factoring machine

Trei, Peter ptrei at
Tue Apr 16 15:54:27 EDT 2002

> Anonymous[SMTP:nobody at]
> Bruce Schneier writes in the April 15, 2002, CRYPTO-GRAM,
> > But there's no reason to panic, or to dump existing systems.  I don't
> think 
> > Bernstein's announcement has changed anything.  Businesses today could 
> > reasonably be content with their 1024-bit keys, and military
> institutions 
> > and those paranoid enough to fear from them should have upgraded years
> ago.
> >
> > To me, the big news in Lucky Green's announcement is not that he
> believes 
> > that Bernstein's research is sufficiently worrisome as to warrant
> revoking 
> > his 1024-bit keys; it's that, in 2002, he still has 1024-bit keys to
> revoke.
> Does anyone else notice the contradiction in these two paragraphs?
> First Bruce says that businesses can reasonably be content with 1024 bit
> keys, then he appears shocked that Lucky Green still has a 1024 bit key?
> Why is it so awful for Lucky to "still" have a key of this size, if 1024
> bit keys are good enough to be "reasonably content" about?
Anonymous is missing the joke here. Bruce suggests that ordinary
non-paranoid users (here represented as 'businesses') should feel 
reasonably content with 1024 bit keys, but 'military institutions 
and those paranoid enough to fear them should have upgraded 
years ago'.

So, we have three categories of users: 

1. businesses (ie, 'ordinary users)
2. Military institutions.
3. The paranoid (whether justified or not).

Well, Lucky's not a business, and he's certainly not a military
institution (despite his fondness for ordinance). What does that 
leave? Most of us who know him got a little chuckle out of this.

For RSA's 'official' position on this issue, take a look at:

If there's a call for it, I'll post the whole text so you can read
it without visiting our site (it's not too long).

Peter Trei
RSA Security

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list