17 Dec
2003
17 Dec
'03
11:17 p.m.
Hilarie Orman posted that 512-bits only gives an order of 56-bits strength, 1024-bits yeilds 80-bits strength, and 2048 yields 112-bits strength. I do not have the facilities to verify her numbers.
As most of us agree that 56-bits is not enough (DES), the 512-bit prime seems a waste of time and a tempting target. I'd like to drop it, but Phil is inclined to keep it with a disclaimer.
Well, since we already require 56-bit DES in ESP in the interests of promoting basic interoperability, wouldn't a 512-bit prime be similarly sufficient? Again, I'm *not* going to recommend that people use it, only provide it for those who simply cannot use larger moduli for whatever reason (export controls or CPU limits). Phil