non 2048-bit keys

John Gilmore gnu at toad.com
Sat Aug 14 23:25:32 EDT 2010


>>                                      ... 2048-bit keys performing
>> at 1/9th of 1024-bit. My own internal benchmarks have been closer to
>> 1/7th to 1/8th. Either way, that's back in line with the above stated
>> 90-95% overhead. Meaning, in Dan's words "2048 ain't happening."

Can I abuse a phrase and call this "binary thinking"?

There is no reason that the next step after 1024 bits has to be 2048 bits.
How about 1032 bits?  Or 1040?  Or 1104?
How about 1200 bits?  How about 1536?  How about 1600?  1808?

I have a theory that if everyone picked a pseudo-random key size above
1024 and below 2048, rather than standardizing on Yet Another Fixed
Keysize, we'd avoid making a powerful incentive for bad guys to build
a key-cracker optimized for one size.  Which incentive we have
currently created at 1024 bits.  It's the Microsoft Windows of key
sizes -- the target that gets you 90+% of the market.  So pick a
larger size than 1024 that your server load can live with, even if it
isn't 2048.  And don't tell anybody else what size you picked :-).

	John

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list