2048 bits, damn the electrons! [rt at openssl.org: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits]

Chris Palmer chris at noncombatant.org
Thu Sep 30 00:22:38 EDT 2010


Thor Lancelot Simon writes:

> a significant net loss of security, since the huge increase in computation
> required will delay or prevent the deployment of "SSL everywhere".

That would only happen if we (as security experts) allowed web developers to
believe that the speed of RSA is the limiting factor for web application
performance.

That would only happen if we did not understand how web applications work.

Thankfully, we do understand how web applications work, and we therefore
advise our colleagues and clients in a way that takes the whole problem
space of web application security/performance/availability into account.

Sure, 2048 is overkill. But our most pressing problems are much bigger and
very different. The biggest security problem, usability, rarely involves any
math beyond rudimentary statistics...


-- 
http://noncombatant.org/

---------------------------------------------------------------------
The Cryptography Mailing List