Has there been a change in US banking regulations recently?

Thor Lancelot Simon tls at rek.tjls.com
Sat Aug 14 17:59:21 EDT 2010


On Fri, Aug 13, 2010 at 02:55:32PM -0500, eric.lengvenis at wellsfargo.com wrote:
> 
> The big drawback is that those who want to follow NIST's
> recommendations to migrate to 2048-bit keys will be returning to
> the 2005-era overhead. Dan Kaminsky provided some benchmarks in a
> different thread on this list [1] that showed 2048-bit keys performing
> at 1/9th of 1024-bit. My own internal benchmarks have been closer to
> 1/7th to 1/8th. Either way, that's back in line with the above stated
> 90-95% overhead. Meaning, in Dan's words "2048 ain't happening."

Indeed.  The way forward would seem to be ECC, but show me a load balancer
or even a dedicated SSL offload device which supports ECC.  I'm not even
certain the popular clients, which are usually well ahead of everything
else in terms of cryptography support, can cope with it.  The only place
it seems to be consistently used is in proprietary client/server software
for mobile devices, as has been the case for years.

Thor

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list