RSA 1024 ridiculous
Remco Post
r.post at sara.nl
Sat Jun 16 15:49:35 CEST 2007
Snoken wrote:
> Hi,
> I just read the latest CRYPTO-GRAM, June 15, 2007, by Bruce Schneier.
> He writes:
>
> "We have a new factoring record: 307 digits (1023 bits). It's a
> special number -- 2^1039 - 1 -- but the techniques can be
> generalized. Expect regular 1024-bit numbers to be factored soon. I
> hope RSA application users would have moved away from 1024-bit
> security years ago, but for those who haven't yet: wake up.
> http://www.physorg.com/news98962171.html "
>
> I suppose this means that 1024 bit RSA-keys are ridiculous and the
> Open PGP Card is a joke. And what about all web sites protected by
> SSL with a 1024-bit RSA-certificate?
As I read the article, last time it took 9 years to generalize the
method used for the special number to any number. Now, my key is valid
for one year, and I expect messages protected by that key to be a secret
for maybe a year longer, that means that at the current rate I'll be
able to use my card for at least 5 more years end maybe longer.
And then still, it takes 11 months on a huge cluster of computers to
factor out my key, or to compare, all of the compute power available in
this country for a substantial amount of time.
I guess you're right, if the nsa is after you, you need stronger keys.
If it's just anybody else, I'd say you'll be safe for a few more years.
Your ssl certificates will have expired by that time, and maybe a 2048
bit openpgp card will be available (at a reasonable prise).
> Snoken
>
_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
--
Met vriendelijke groeten,
Remco Post
SARA - Reken- en Netwerkdiensten http://www.sara.nl
High Performance Computing Tel. +31 20 592 3000 Fax. +31 20 668 3167
PGP Key fingerprint = 6367 DFE9 5CBC 0737 7D16 B3F6 048A 02BF DC93 94EC
"I really didn't foresee the Internet. But then, neither did the
computer industry. Not that that tells us very much of course - the
computer industry didn't even foresee that the century was going to
end." -- Douglas Adams
More information about the Gnupg-users
mailing list