2048-bit RSA keys

Perry E. Metzger perry at piermont.com
Tue Aug 17 16:42:17 EDT 2010


On Tue, 17 Aug 2010 22:32:52 +0200 Simon Josefsson
<simon at josefsson.org> wrote:
> Bill Stewart <bill.stewart at pobox.com> writes:
> 
> > Basically, 2048's safe with current hardware
> > until we get some radical breakthrough
> > like P==NP or useful quantum computers,
> > and if we develop hardware radical enough to
> > use a significant fraction of the solar output,
> > we'll probably find it much easier to eavesdrop
> > on the computers we're trying to attack than to
> > crack the crypto.
> 
> Another breakthrough in integer factoring could be sufficient for an
> attack on RSA-2048.  Given the number of increasingly efficient
> integer factorization algorithms that have been discovered
> throughout history, another breakthrough here seems more natural
> than unlikely to me.

A breakthrough could also render 10kbit keys broken, or might never
happen at all. A breakthrough could make short ECC keys vulnerable.
A breakthrough could make AES vulnerable. One can't operate on this
basis -- it makes it impossible to use anything other than one-time
pads.

-- 
Perry E. Metzger		perry at piermont.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list