307 digit number factored

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue May 22 22:45:49 EDT 2007


Victor Duchovni <Victor.Duchovni at MorganStanley.com> writes:

>As 1024 RSA keys are not a major risk *today*,

I would go further and say that for most applications of PKCs/PKI today, 1024-
bit RSA keys are not a risk at all, or more specifically that on a scale of
risk they're so far down the list that they're close to negligible.  As
numerous security HCI studies have shown, user comprehension of PKI is close
to zero percent, which means that the security effectiveness of the same is
also close to zero.  As the multi-billion dollar phishing industry has ably
demonstrated, the bad guys are more than aware of this too.  So going from x-
bit RSA to y-bit RSA on a component with close to zero-percent effectiveness
is... well, I'll let you do the maths.  Until the hundred other constituent
parts required to secure something like web browsing are fixed, changing the
key size is just pointless posturing, since it's not fixing anything that
anyone is attacking.  Once all the other bits are fixed and working as
intended, then we can go back to debating whether length is more important
than width in key sizes.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List