Penetration Testing mailing list archives
[PEN-TEST] Strength of RSA keys -vs- length (was Re: Places to find crypto ...)
From: Bennett Todd <bet () RAHUL NET>
Date: Thu, 7 Dec 2000 11:01:40 -0500
2000-12-06-18:46:50 Dom De Vitto:
Yea, generally speaking 1024 bits can be done by gov's & big corps, with (I'd speculate) a few week or so's 24x7 effort. It's worth making the keys over 1200 bits, at which point brute forcing the 128 bit crypto is often easier/quicker.
Are you sure about your numbers there? I believe the story is something more like: - A 512-bit composite was factored recently, in one of these big efforts that brings hundreds or thousands of machines to bear on the sieving; that suggests that 512-bits is pretty near today's cutting edge; - factoring gets about twice as hard for an additionl 10 bits of key length; and so - a 1024-bit key is somewhere up in the quadrillions of times harder than the current state of the art These points are weakened by a few factors with more or less importance depending on details of application; basically, Moore's law seems to be staying on track, and the factoring gurus have done a pretty good job of continuing to ride it. Factoring also sees periodic algorithmic improvements that cause it to run ahead of Moore's law, though whether those will continue, slow, or accellerate is anybody's guess. If you want to encrypt a document whose cyphertext will exposed to the public, and whose plaintext must remain secret for many, many years, I'm pretty sure I've heard folks who'd know recommending 2048-bit RSA keys, on the grounds that they would seem, under reasonable assumptions, to be of similar strength to 128-bit symmetric cypher keys. But as an illustration of the significance of the application details, for login access control purposes --- e.g. ssh --- a 768-bit key may well be adequate today. It really depends on whether you pass long-lived secrets through that encrypted tunnel. -Bennett
Attachment:
_bin
Description:
Current thread:
- [PEN-TEST] Places to find crypto craking tools Erick Arturo Perez Huemer (Dec 01)
- Re: [PEN-TEST] Places to find crypto craking tools Nicholas Harring (Dec 02)
- Re: [PEN-TEST] Places to find crypto craking tools Jose Nazario (Dec 02)
- Re: [PEN-TEST] Places to find crypto craking tools William D. Colburn (aka Schlake) (Dec 02)
- Re: [PEN-TEST] Places to find crypto craking tools Crist Clark (Dec 02)
- Re: [PEN-TEST] Places to find crypto craking tools Dom De Vitto (Dec 07)
- [PEN-TEST] Strength of RSA keys -vs- length (was Re: Places to find crypto ...) Bennett Todd (Dec 10)
- Re: [PEN-TEST] Strength of RSA keys -vs- length (was Re: Places to find crypto ...) Dom De Vitto (Dec 10)
- Re: [PEN-TEST] Strength of RSA keys -vs- length (was Re: Places to find crypto ...) Dom De Vitto (Dec 10)
- Re: [PEN-TEST] Strength of RSA keys -vs- length (was Re: Places to find crypto ...) Brian Russo (Dec 13)
- Re: [PEN-TEST] Strength of RSA keys -vs- length (was Re: Places tofind crypto ...) Camillo Särs (Dec 13)
- Re: [PEN-TEST] Strength of RSA keys -vs- length (was Re: Places tofind crypto ...) Clem Colman (Dec 13)
- Re: [PEN-TEST] Places to find crypto craking tools Jose Nazario (Dec 02)
- Re: [PEN-TEST] Places to find crypto craking tools Nicholas Harring (Dec 02)