>> ... 2048-bit keys performing >> at 1/9th of 1024-bit. My own internal benchmarks have been closer to >> 1/7th to 1/8th. Either way, that's back in line with the above stated >> 90-95% overhead. Meaning, in Dan's words "2048 ain't happening."
Can I abuse a phrase and call this "binary thinking"? There is no reason that the next step after 1024 bits has to be 2048 bits. How about 1032 bits? Or 1040? Or 1104? How about 1200 bits? How about 1536? How about 1600? 1808? I have a theory that if everyone picked a pseudo-random key size above 1024 and below 2048, rather than standardizing on Yet Another Fixed Keysize, we'd avoid making a powerful incentive for bad guys to build a key-cracker optimized for one size. Which incentive we have currently created at 1024 bits. It's the Microsoft Windows of key sizes -- the target that gets you 90+% of the market. So pick a larger size than 1024 that your server load can live with, even if it isn't 2048. And don't tell anybody else what size you picked :-). John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com