[6080] in cryptography@c2.net mail archive
Key sizes paper published
daemon@ATHENA.MIT.EDU (P.J. Ponder)
Wed Nov 17 11:07:11 1999
Date: Wed, 17 Nov 1999 11:05:02 -0500 (EST)
From: "P.J. Ponder" <ponder@freenet.tlh.fl.us>
Reply-To: "P.J. Ponder" <ponder@freenet.tlh.fl.us>
To: cryptography@c2.net
Message-ID: <Pine.OSF.3.96.991117105333.20095B-100000@fn3.freenet.tlh.fl.us>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Bruce Schneier noted in the latest 'Crypto-Gram' a paper on key sizes
written by Arjen Lenstra and Eric Verheul:
http://www.cryptosavvy.com
The paper explains the methods used to arrive at various estimates.
One interesting note is the expected weakness of the US Digital Signature
Standard (DSS) - it is recommended for commercial applications only until
about 2002 (for the field size) and about 2013 for hashes. They also note
that NIST is working on a replacement of the DSS with longer key sizes.
The Crypto-Gram newsletter is at: http://www.counterpane.com/labs.html
