let the flaming begin or Factoring Breakthrough?

Mike Touloumtzis miket@bluemug.com
Wed Feb 27 06:45:02 2002

On Tue, Feb 26, 2002 at 10:05:57PM -0500, Gordon Worley wrote:
> On Tuesday, February 26, 2002, at 02:41  PM, Douglas Calvert wrote:
> >Well there is a story on slashdot:
> >http://slashdot.org/article.pl?sid=02/02/26/179206&mode=thread&tid=93
> >An anonymous reader sent in: "In this post  to the Cryptography Mailing
> >List, someone who knows more about math than I do claimed "effectively
> >all PGP RSA keys shorter than 2k bits are insecure, and the 2kbit keys
> >are not nearly as secure as we thought they were." Apparently Dan
> >Bernstein of qmail fame figured out how to factor integers faster on the
> >same cost hardware. Should we be revoking our keys and creating larger
> >ones? Is this "the biggest news in crypto in the last decade," as the
> >original poster claims, or only ginger-scale big?"
> Hope I'm not being too dim, but does this have any effect on 
> Diffie-Hellman keys?  I thought that the two were based on similar math.

Diffie-Hellman is based on discrete logarithm, not on factoring.
I'm not an expert and I am also certainly curious to know what effect
this discovery has on D-H and on ElGamal OpenPGP keys; there has been
a bunch of discussion on elliptic curve crypto but none that I've seen
yet on algorithms more relevant to this list...