At 9:34 AM -0700 8/15/10, Ray Dillinger wrote:
>I'm under the impression that <2048 keys are now insecure mostly due
>to advances in factoring algorithms that make the attack and the
>encryption effort closer to, but by no means identical to, scaling
>with the same function of key length.
You are
What looks like to be an applicable paper. Not the same set of authors as
the earlier reference to USENIX.
Experimental Security Analysis of a Modern Automobile
Karl Koscher, Alexei Czeskis, Franziska Roesner, Shwetak Patel, and
Tadayoshi Kohno
Department of Computer Science and Engineering Unive
If an attacker creating a special-purpose machine to break your keys is
a realistic scenario, why are you even considering keys of that size?
Best regards,
Samuel Neves
On 15-08-2010 04:25, John Gilmore wrote:
>>> ... 2048-bit keys performing
>>> at 1/9th of
Ray Dillinger writes:
>On Fri, 2010-08-13 at 14:55 -0500, eric.lengve...@wellsfargo.com wrote:
>
>> The big drawback is that those who want to follow NIST's recommendations
>> to migrate to 2048-bit keys will be returning to the 2005-era overhead.
>> Either way, that's back in line with the above
On Fri, 2010-08-13 at 14:55 -0500, eric.lengve...@wellsfargo.com wrote:
> Moore's law helped immensely here. In the last 5 years systems have gotten
> about 8 times faster, reducing the processing cost of crypto a lot.
> The big drawback is that those who want to follow NIST's recommendations
>> ... 2048-bit keys performing
>> at 1/9th of 1024-bit. My own internal benchmarks have been closer to
>> 1/7th to 1/8th. Either way, that's back in line with the above stated
>> 90-95% overhead. Meaning, in Dan's words "2048 ain't happening."
Can I abuse a ph
