[145685] in cryptography@c2.net mail archive
Re: 2048-bit RSA keys
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Tue Aug 17 16:43:02 2010
Date: Tue, 17 Aug 2010 16:42:17 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Simon Josefsson <simon@josefsson.org>
Cc: cryptography@metzdowd.com
In-Reply-To: <87k4np7zez.fsf@mocca.josefsson.org>

On Tue, 17 Aug 2010 22:32:52 +0200 Simon Josefsson
<simon@josefsson.org> wrote:
> Bill Stewart <bill.stewart@pobox.com> writes:
>
> > Basically, 2048's safe with current hardware
> > until we get some radical breakthrough
> > like P==NP or useful quantum computers,
> > and if we develop hardware radical enough to
> > use a significant fraction of the solar output,
> > we'll probably find it much easier to eavesdrop
> > on the computers we're trying to attack than to
> > crack the crypto.
>
> Another breakthrough in integer factoring could be sufficient for an
> attack on RSA-2048. Given the number of increasingly efficient
> integer factorization algorithms that have been discovered
> throughout history, another breakthrough here seems more natural
> than unlikely to me.

A breakthrough could also render 10kbit keys broken, or might never
happen at all. A breakthrough could make short ECC keys vulnerable.
A breakthrough could make AES vulnerable. One can't operate on this
basis -- it makes it impossible to use anything other than one-time
pads.
--
Perry E. Metzger perry@piermont.com
---------------------------------------------------------------------
The Cryptography Mailing List