On Aug 17, 2010, at 10:25 PM, John Gilmore wrote:
> (Given their prediction that they won't be done with a 1024-bit number
> within 5 years, but they will be done "well within the next decade",
> which 1024-bit number are they starting to factor now? I hope it's a
> major key that certifies big
> It's worth a quote from the paper at CRYPTO '10 on factorization of a
> 768-bit number:
A good paper by top academics.
> Another conclusion from
> our work is that we can confidently say that if we restrict ourselves to
> an open community, academic effort such as ours and unless something
> dr
On 2010-08-17 3:46 PM, Jonathan Katz wrote:
Many on the list may already know this, but I haven't seen it mentioned
on this thread. The following paper (that will be presented at Crypto
tomorrow!) is most relevant to this discussion:
"Factorization of a 768-bit RSA modulus",
http://eprint.iacr.or
On Tue, 17 Aug 2010, Steven Bellovin wrote:
They also suggest that a 3-4 year phase-out of 1024-bit moduli is the proper
course.
Note that this is because they take into consideration that secrets have
to be unbreakable for decade(s), which is not the case for all uses of
RSA. For example in
Forwarded at Andrew's request.
Original Message
Subject: Re: 2048-bit RSA keys
Date: Tue, 17 Aug 2010 19:11:55 -0500 (CDT)
From: Andrew Odlyzko
To: Samuel Neves
CC: cryptography@metzdowd.com
It is not unreasonable to consider the possibili
On Aug 17, 2010, at 5:19 10PM, Samuel Neves wrote:
> On 17-08-2010 21:42, Perry E. Metzger wrote:
>> On Tue, 17 Aug 2010 22:32:52 +0200 Simon Josefsson
>> wrote:
>>> Bill Stewart writes:
>>>
Basically, 2048's safe with current hardware
until we get some radical breakthrough
like
On 17-08-2010 21:42, Perry E. Metzger wrote:
> On Tue, 17 Aug 2010 22:32:52 +0200 Simon Josefsson
> wrote:
>> Bill Stewart writes:
>>
>>> Basically, 2048's safe with current hardware
>>> until we get some radical breakthrough
>>> like P==NP or useful quantum computers,
>>> and if we develop hard
On Tue, 17 Aug 2010 22:32:52 +0200 Simon Josefsson
wrote:
> Bill Stewart writes:
>
> > Basically, 2048's safe with current hardware
> > until we get some radical breakthrough
> > like P==NP or useful quantum computers,
> > and if we develop hardware radical enough to
> > use a significant fracti
Bill Stewart writes:
> Basically, 2048's safe with current hardware
> until we get some radical breakthrough
> like P==NP or useful quantum computers,
> and if we develop hardware radical enough to
> use a significant fraction of the solar output,
> we'll probably find it much easier to eavesdrop
On Tue, Aug 17, 2010 at 1:46 AM, Joseph Ashwood wrote:
>
> The storage required for 2048 is approximately 2^64 bytes...
>
And from the density (1TB per cubic inch) in US Patent Application
20090094406, that gives about 70,000 gallons of memory or about 14 of
my father-in-law's average sized backya
FAIR DISCLOSURE: I am the inventor of some of the technology quoted,
specifically US Patant Application 20090094406. And just to plug myself even
more, yes the technology is for sale.
--
From: "Bill Stewart"
Subject: Re: 2048-bit RSA
On Sun, 15 Aug 2010, Paul Hoffman wrote:
At 9:34 AM -0700 8/15/10, Ray Dillinger wrote:
I'm under the impression that <2048 keys are now insecure mostly due
to advances in factoring algorithms that make the attack and the
encryption effort closer to, but by no means identical to, scaling
with t
At 01:54 PM 8/16/2010, Perry E. Metzger wrote:
On Mon, 16 Aug 2010 12:42:41 -0700 Paul Hoffman
wrote:
> At 11:35 AM +1000 8/16/10, Arash Partow wrote:
> >Just out of curiosity, assuming the optimal use of today's best of
> >breed factoring algorithms - will there be enough energy in our
> >solar
On Mon, 16 Aug 2010 12:42:41 -0700 Paul Hoffman
wrote:
> At 11:35 AM +1000 8/16/10, Arash Partow wrote:
> >Just out of curiosity, assuming the optimal use of today's best of
> >breed factoring algorithms - will there be enough energy in our
> >solar system to factorize a 2048-bit RSA integer?
>
>
On Aug 15, 2010, at 8:35 PM, Arash Partow wrote:
> Just out of curiosity, assuming the optimal use of today's best of breed
> factoring algorithms - will there be enough energy in our solar system to
> factorize a 2048-bit RSA integer?
Computation can be performed with arbitrarily small energy
At 11:35 AM +1000 8/16/10, Arash Partow wrote:
>Paul Hoffman wrote:
>>You are under the wrong impression, unless you are reading vastly different
>>crypto literature than the rest of us are. RSA-1024 *might* be possible to
>>break in public at some point in the next decade, and RSA-2048 is a few
Paul Hoffman wrote:
You are under the wrong impression, unless you are reading vastly different
crypto literature than the rest of us are. RSA-1024 *might* be possible to
break in public at some point in the next decade, and RSA-2048 is a few orders
of magnitude harder than that.
Just out o
17 matches
Mail list logo