2048 bits, damn the electrons! [rt at openssl.org: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits]
James A. Donald
jamesd at echeque.com
Sat Oct 2 20:01:49 EDT 2010
On 2010-10-01 3:23 PM, Chris Palmer wrote:
> In my quantitative, non-hand-waving, repeated experience with many clients in
> many business sectors using a wide array of web application technology
> stacks, almost all web apps suffer a network and disk I/O bloat factor of 5,
> 10, 20, ...
Which does not, however, make bloated RSA keys any the less evil.
All the evils you describe get worse under https.
A badly designed https page is likely to require the client to perform
lots and lots and lots of RSA operations in order to respond to the user
click.
A 2048 bit operation takes around 0.01 seconds, which is insignificant.
But an https connection takes several such operations. Lots of https
connections ....
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list