[145954] in cryptography@c2.net mail archive
Re: 2048 bits, damn the electrons! [rt@openssl.org: [openssl.org
daemon@ATHENA.MIT.EDU (James A. Donald)
Sat Oct 2 20:54:10 2010
Date: Sun, 03 Oct 2010 10:01:49 +1000
From: "James A. Donald" <jamesd@echeque.com>
Reply-To: jamesd@echeque.com
To: cryptography@metzdowd.com
In-Reply-To: <20101001052359.GR20614@noncombatant.org>
On 2010-10-01 3:23 PM, Chris Palmer wrote:
> In my quantitative, non-hand-waving, repeated experience with many clients in
> many business sectors using a wide array of web application technology
> stacks, almost all web apps suffer a network and disk I/O bloat factor of 5,
> 10, 20, ...
Which does not, however, make bloated RSA keys any the less evil.
All the evils you describe get worse under https.
A badly designed https page is likely to require the client to perform
lots and lots and lots of RSA operations in order to respond to the user
click.
A 2048 bit operation takes around 0.01 seconds, which is insignificant.
But an https connection takes several such operations. Lots of https
connections ....
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
