let the flaming begin or Factoring Breakthrough?
Thu Feb 28 00:40:02 2002
-----BEGIN PGP SIGNED MESSAGE-----
On Wednesday 27 February 2002 14:24, Janusz A. Urbanowicz wrote:
> Ingo [Kl_cker] wrote/napisa³[a]/schrieb:
> -- Start of PGP signed section.
> > I doubt it very much. Hundreds of cryptography experts all over the
> > world are at most making baby steps on improving factoring
> > algorithms. And now the author of qmail (is he a mathematician?)
> > found out how to factor integers faster? That's not very likely. Do
> > you have a link where Dan Bernstein describes his breakthrough?
> First, he is a mathematician and a cryptographer. On the Internet he
> is mostly known for qmail and his personal attitude, but he is also
> one of 'first wave' of crypto researchers, and a cryptographer
> (author of Snuffle algorithm over which he is still in court with US
Sorry for doubting that he was a mathematician.
> The paper in question is actually here I suppose:
> And I thing raising the warning limits for RSA key generation would
> be a Right Thing.
O.k., I read the paper. What Dan does is propose the usage of a special
computer (instead of a general-purpose computer) which can sort in
linear time (by parallelization) for one of the steps in the Number
Field Sieve Algorithm. By this the average factorization time could
indeed be drastically reduced. The only problem is that this machine
doesn't exist yet. Of course the NSA could easily built such a machine.
So if you have to hide information from the NSA you'd better use
stronger RSA keys. Otherwise your 1024 bit RSA keys are still safe
enough. New RSA keys should IMO nevertheless have at least 2048 bits.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----