17 Dec
2003
17 Dec
'03
11:17 p.m.
Adam Shostack writes:
The key does indeed have a high likelihood of being unique, but dealing with 1024 bit identifiers could strain database systems, especially when 100 well chosen bits would be than enough.
Hence the suggestion to use a hash of the key instead of the key itself. Someone pointed out that a uniformly distributed 1024 bit prime has something like 1014 bits of entropy. An md5 hash of the key should have about 128 bits of entropy, with the probability of a collision among 2^33 keys (one per person, worldwide) being about 1 in 2^95, or about 1 in 10^29. Sounds like we're safe, even without straining our databases.