Jerry Leichter leich...@lrw.com writes:
Do we really believe we won't be able to
attack a 1024 bit key with a sufficiently large budget even in 10
years? ...
Currently, the cryptographic cost of an attack is ... 0. How many
attacks have there been? Perhaps the perceived value of owning
On Wed, Oct 14, 2009 at 10:43:48PM -0400, Jerry Leichter wrote:
If the constraints elsewhere in the system limit the number of bits of
signature you can transfer, you're stuck. Presumably over time you'd
want to go to a more bit-efficient signature scheme, perhaps using
ECC.
Even plain