[Cryptography] RSA equivalent key length/strength

Kelly John Rose iam at kjro.se
Tue Sep 24 12:23:20 EDT 2013

On 22/09/2013 2:00 PM, Stephen Farrell wrote:
> On 09/22/2013 01:07 AM, Patrick Pelletier wrote:
>> "1024 bits is enough for anyone"
> That's a mischaracterisation I think. Some folks (incl. me)
> have said that 1024 DHE is arguably better that no PFS

I would argue that 1024 DHE is worse than no PFS, for the same reason
that using DES is a bad move. It is likely to be inherently insecure and
provides a higher sense of security than is valid for the situation. By
insisting that 1024 to be ok, you are, in theory, permitting people to
feel comfortable with an insecure system.

I have always approached that no encryption is better than bad
encryption, otherwise the end user will feel more secure than they
should and is more likely to share information or data they should not
be on that line.

By insisting on 2048 (or higher), you force the issue and ensure that
the overall network is more secure.

Kelly John Rose
Mississauga, ON
Phone: +1 647 638-4104
Twitter: @kjrose

Document contents are confidential between original recipients and sender.

More information about the cryptography mailing list