2048 bits, damn the electrons! [rt at openssl.org: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits]

James A. Donald jamesd at echeque.com
Sat Oct 2 20:01:49 EDT 2010


On 2010-10-01 3:23 PM, Chris Palmer wrote:
> In my quantitative, non-hand-waving, repeated experience with many clients in
> many business sectors using a wide array of web application technology
> stacks, almost all web apps suffer a network and disk I/O bloat factor of 5,
> 10, 20, ...

Which does not, however, make bloated RSA keys any the less evil.

All the evils you describe get worse under https.

A badly designed https page is likely to require the client to perform 
lots and lots and lots of RSA operations in order to respond to the user 
click.

A 2048 bit operation takes around 0.01 seconds, which is insignificant. 
  But an https connection takes several such operations.  Lots of https 
connections ....

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list