2048 bits, damn the electrons! [rt at openssl.org: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits]

James A. Donald jamesd at echeque.com
Sat Oct 2 20:01:49 EDT 2010

On 2010-10-01 3:23 PM, Chris Palmer wrote:
> In my quantitative, non-hand-waving, repeated experience with many clients in
> many business sectors using a wide array of web application technology
> stacks, almost all web apps suffer a network and disk I/O bloat factor of 5,
> 10, 20, ...

Which does not, however, make bloated RSA keys any the less evil.

All the evils you describe get worse under https.

A badly designed https page is likely to require the client to perform 
lots and lots and lots of RSA operations in order to respond to the user 

A 2048 bit operation takes around 0.01 seconds, which is insignificant. 
  But an https connection takes several such operations.  Lots of https 
connections ....

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list