On Monday 13 December 2010, Faramir wrote: > El 10-12-2010 11:41, Robert J. Hansen escribió: > ... > > > Add a new UID and revoke the old. You don't need to generate a new > > certificate. RSA-4K is, IMO, phenomenal overkill for the vast > > majority of users. Breaking RSA-2K is believed comparable in > > difficulty to breaking 3DES, and that prospect is ... let's just > > say "implausible." > > Based on Schneier's estimations in "Applied Cryptography, Second > Edition", I calculated breaking RSA 2048 would be between 1E7 and 1E9 > times harder than breaking RSA 1024 (I divided the MIPS required to > break RSA 2048 by the MIPS required to break RSA 1024). > > I know the book is old, and the estimations might be wrong, but > still... there is a huge difference between breaking RSA 1024 (which > so far has not happened), and breaking RSA 2048. It's not like > saying "it would require 2 times more computing power", it's several > orders of magnitude harder. > > If RSA 1024 becomes breakable today, and after that factorizing > keys become 1000 times easier that it is today, and computers become > 1000 times more powerful, they would still need at least 10 times > more power to break RSA 2048. Yes, a lot of if's, but still useful > to give an idea about how harder it would be.
Well, s...@home claims to have over 3 million users. Large botnets have tens of thousands slaves. GPUs are in some areas several magnitudes faster than CPUs. There go your "several orders of magnitude". Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users