[Cryptography] Universal security measures for crypto primitives

grarpamp grarpamp at gmail.com
Mon Oct 7 17:10:14 EDT 2013


On Oct 7, 2013, at 1:43 AM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
> Given the recent debate about security levels for different key sizes, the
> following paper by Lenstra, Kleinjung, and Thome may be of interest:
>
>  "Universal security from bits and mips to pools, lakes and beyond"
>  http://eprint.iacr.org/2013/635.pdf

On Mon, Oct 7, 2013 at 10:46 AM, Jerry Leichter <leichter at lrw.com> wrote:
> Then:  "...fundamental limits will let you make about 3*10^94 ~ 2^315 [bit] flips
> and store about 2^315 bits

Then perhaps by the time that engine gets near 256 bits done crunching you,
any given secret holder will be either dead, too old / pardonable, or
society will
have moved on, thereby placing the secret into one of historical value only. It
would probably also cost about 2^315 bits to build and operate. Not many
100yr secrets out there besides grand conspiracies and whodunit's, and those
don't really need crypto. Might as well bump everything to 512 just to
be safe from
physics ;)


More information about the cryptography mailing list