RSA Weak?

Robert J. Hansen rjh at
Fri Nov 2 19:59:05 CET 2007

Robert D. wrote:
> Did someone write that there is some school of thought that RSA is no
> longer very strong? Or, is the meaning that it's likely to take 900
> years instead of 100 years to crack?

RSA has never lived up to people's grand expectations.  Advances in
computers and algorithms cause the sorts of RSA keys we can attack to
creep ever so gradually upwards.  It's reasonable to think that within a
decade an attacker with a ridiculous amount of resources will be able to
break RSA-1024.

Our current crop of conventional techniques will likely stall out there.

> Just curious. I have RSA 4096's ... could change them easily enough if
> someone convinced me to do it.

Not even people with RSA-1024 keys should be doing this.  RSA-1024 is
only insufficient if you have things you need to keep secret from
phenomenally well-equipped people who are willing to spend millions of
dollars to recover your data.

Even if you have adversaries like this, it is still very unlikely they
would ever actually do it.  There are much more cost-effective ways to
get your confidential information than spend millions of dollars
breaking your RSA-1024 key.

This is not something to be concerned about.

More information about the Gnupg-users mailing list