Quantum computing

[Sven Radde]

Hi!

Anders Breindahl schrieb:
> So please restate that --
> even in the face of quantum computers -- we won't ever factor 256 bit
> numbers.
Apart from the fact that 256bit is about symmetric keys (a 256bit number
would be factored quite easily -- that's why we have 4096 bit RSA keys),
possible advances in cryptology are nothing that would require key
lifetimes. Once you do not feel comfortable enough with your current
keylength anymore, you can simply revoke the key manually.
Actually, predicting possible advances in fields like quantum computing
is very hard, so it would be far easier to follow the news on this topic
rather than decide *today* when your current key might become insecure
(to make a sensible decision about the expiry-date). Consequently, your
choice would have to be over-conservative (which is not necessarily a
bad thing).

Key expiry, to my understanding, is more of an automatic fallback
mechanism to limit the possible damage/inconvenience in the case that
you cannot take care of revoking the key yourself.
This does very well justify the short lifetimes that we see on keys today.

cu, Sven