[145694] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: 2048-bit RSA keys

daemon@ATHENA.MIT.EDU (Paul Wouters)
Tue Aug 17 22:31:27 2010

Date: Tue, 17 Aug 2010 21:18:57 -0400 (EDT)
From: Paul Wouters <paul@xelerance.com>
To: Steven Bellovin <smb@cs.columbia.edu>
cc: Samuel Neves <sneves@dei.uc.pt>, cryptography@metzdowd.com
In-Reply-To: <5741A3F6-C3C9-4D1F-AFA6-89B364D18030@cs.columbia.edu>

On Tue, 17 Aug 2010, Steven Bellovin wrote:

> They also suggest that a 3-4 year phase-out of 1024-bit moduli is the proper course.

Note that this is because they take into consideration that secrets have
to be unbreakable for decade(s), which is not the case for all uses of
RSA. For example in DNSSEC, a key can be rolled in a matter of hours
or days.

Paul

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[145694] in cryptography@c2.net mail archive

Re: 2048-bit RSA keys

daemon@ATHENA.MIT.EDU (Paul Wouters)Tue Aug 17 22:31:27 2010

daemon@ATHENA.MIT.EDU (Paul Wouters)
Tue Aug 17 22:31:27 2010