RSA question
travis+ml-cryptography at subspacefield.org
travis+ml-cryptography at subspacefield.org
Thu Sep 2 11:49:07 EDT 2010
On Tue, Aug 31, 2010 at 11:27:39PM -0700, Bill Stewart wrote:
> It's possible that
> under some conditions, trying to brute-force the RSA is more efficient
> than simply brute-forcing the symmetric key
As of 2003, RSA said:
1024 bit RSA ~= 80 bit symmetric
2048 bit RSA ~= 112 bit symmetric
3072 bit RSA ~= 128 bit symmetric
So PK is usually weaker than the symmetric part of a hybrid scheme.
I hear that NIST Key Mgmt guideline (SP 800-57) suggests that the RSA
key size equivalent to a 256 bit symmetric key is roughly 15360 bits.
I haven't actually checked this reference, so I don't know how they
got such a big number; caveat emptor.
I have no idea what the state of, say, AES brute forcing is, so I
don't know the ratio from AES key size to ideal symmetric cipher key
sizes. I'm guessing it's pretty close to 1, but would love to hear
if it's not.
--
It asked me for my race, so I wrote in "human". -- The Beastie Boys
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please email john at subspacefield.org to get blacklisted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20100902/8625a6ca/attachment.pgp>
More information about the cryptography
mailing list