1024 or 2048??

Johan Wevers johanw@vulcan.xs4all.nl
Sun Apr 14 21:34:01 2002

Josh Huber wrote:

> Of course, at that point, it would be much easier to use social
> engineering tactics to get the information than trying to break the
> encryption.

In that case, questioning techniques like "if you don't give us the key you
loose your other fingers too" are likely to be used.

> Also, I wonder what would be "faster", brute forcing the symmetric
> encryption on the payload, or factoring to get the key?

A 128 bit symetric key is roughly comparable to a 2048 bit RSA or DH key.
But since the asymetric key is used often and the symetric session key
only once it is logical to make those keys a bit stronger than the symetric
key. Also, the strength of RSA and DH is still based on mathematical
assumptions that are unproven (but not proven false either).

ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw@vulcan.xs4all.nl   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html