[Cryptography] RSA equivalent key length/strength

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Sep 24 00:27:58 EDT 2013

Peter Fairbrother <zenadsl6186 at zen.co.uk> writes:

>If you just want a down-and-dirty 2048-bit FS solution which will work today,
>why not just have the websites sign a new RSA-2048 sub-certificate every day?
>Or every few hours? And delete the secret key, of course.

... and I guess that puts you firmly in the theoretical/impractical camp.
Would you care to explain how this is going to work within the TLS protocol?
It's easy enough to throw out these hypothetical what-if's (gimme ten minutes
and I'll dream up half a dozen more, all of them theoretically OK, none of
them feasible), but they need to actually be deployable in the real world, and
that's what's constraining the current debate.


More information about the cryptography mailing list