ianG writes: > On 14/09/13 18:53 PM, Peter Fairbrother wrote: > > But, I wonder, where do these longer equivalent figures come from? > > http://keylength.com/ (is a better repository to answer your question.)
I assume that web site only takes account of time, it does not base its calculations to cost of doing cracking, which would also include the space needed to do the actual calculations. Old paper from year 2000 which takes also space calculations in to account http://www.emc.com/emc-plus/rsa-labs/historical/a-cost-based-security-analysis-key-lengths.htm says that to crack 1620 bit RSA key you need 10^10 years, with 158000 machines each having 1.2*10^14 bytes (120 Tb) of memory (year 2000 $10 trillion estimate). Cost of that amount of memory today would still be quite high (at $3-$10 per GB, the price would be hundreds of thousands - over million dollars per machine). Most of key size calculations in the net only take account the time needed, not the space at all, thus they assume that memory is free. For symmetric crypto cracking that is true, as you do not need that much of memory, for public keys that is not true for some of the algoritms. -- kivi...@iki.fi _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography