[Cryptography] RSA equivalent key length/strength

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Sep 25 07:59:50 EDT 2013


Peter Fairbrother <zenadsl6186 at zen.co.uk> writes:
>On 24/09/13 05:27, Peter Gutmann wrote:
>> Peter Fairbrother <zenadsl6186 at zen.co.uk> writes:
>>> If you just want a down-and-dirty 2048-bit FS solution which will work today,
>>> why not just have the websites sign a new RSA-2048 sub-certificate every day?
>>> Or every few hours? And delete the secret key, of course.
>>
>> ... and I guess that puts you firmly in the theoretical/impractical camp.
>> Would you care to explain how this is going to work within the TLS protocol?
>
>I'm not sure I understand you.

Something that can "sign a new RSA-2048 sub-certificate" is called a CA.  For 
a browser, it'll have to be a trusted CA.  What I was asking you to explain is 
how the browsers are going to deal with over half a billion (source: Netcraft 
web server survey) new CAs in the ecosystem when "websites sign a new RSA-2048 
sub-certificate".

Peter.


More information about the cryptography mailing list