RE: Why are 1024 bit keys the limit right now?

-----BEGIN PGP SIGNED MESSAGE----- AaronH4321@aol.com writes:
I am just starting at this. I know that part of RSA/PGP's strength comes from the size key you choose. What prevents someone from writting a 2048 bit key? Is it because computers can't handle it? Is 1024 top of the prime number size right now? Am I way off track?
In just about every way possible... :-) The RSA algorithm can use keys of arbitrary length. All current versions of PGP allow key sizes up to 2048* bits. (When asked for the size of the key to generate, it allows you to select 512, 768, 1024, OR TO *TYPE IN THE NUMBER OF BITS DESIRED*.) There are older, partially incompatible versions that allow even larger keys, though there is little reason to go higher. Beyond something like 3100 bits, it is surmised that the 128-bit IDEA session key is easier to attack. As for prime numbers, no, 1024 bits isn't even close to the largest found (there are of course an infinite number of primes). The latest discovery was of a Mersenne prime, the 35th such found. It was 1,398,269 bits long (all 1's, of course). Tunny * OK, there is a minor bug in 2.6.2 that in some cases limits keys to "only" 2047 bits -- the difference is utterly insignificant in terms of security. This message is signed by such a 2047-bit key. ====================================================================== James A. Tunnicliffe | WWWeb: http://www.inference.com/~tunny Inference Corporation | PGP Fingerprint: CA 23 E2 F3 AC 2D 0C 77 tunny@Inference.com | 36 07 D9 33 3D 32 53 9C ====================================================================== -----BEGIN PGP SIGNATURE----- Version: 4.0 Business Edition Comment: which I won in the PGP raffle at Cypherpunks 12/96... iQEVAgUBMtPCuvAmQsmyRPddAQHQHwf+NcZ54woujQVBRRmmyH3CayYmCial2sLn py0RvaXP9UGhY+vZU2HgtzaCor32JnrC67LsHH/2XLIEqjpsNzor7YwCtllsl55M 1lo4dkXfjg/jW0ijLTEbbEealRm1LziZVjIrTNsibq1GZ0UdwTb8nPens2iuHZBB QJZTBkpi0yD8xnWZqvSBwjsdavJUUOy1xU4PgNE4Nr/xbWPA0OwMGOm1MSHFXxHL xOYJvLR9905mSxh+kNdcf3SpT5JRuBjH6MQmG8GjKRGc8KoXbfUkCiXeSXlygaGA q2/z2lO4E9eTZvlrsQN1sw8uIoKTnz3YPw9nWjXTeLWx9J7WbeGPSA== =RzVt -----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE----- On Wed, 8 Jan 1997, James A. Tunnicliffe wrote:
All current versions of PGP allow key sizes up to 2048* bits. (When asked for the size of the key to generate, it allows you to select 512, 768, 1024, OR TO *TYPE IN THE NUMBER OF BITS DESIRED*.) There are older, partially incompatible versions that allow even larger keys, though there is little reason to go higher. Beyond something like 3100 bits, it is surmised that the 128-bit IDEA session key is easier to attack.
RSAREF limits the size of the key being generated to 1024 bits. RSADSI permitted PGP to distribute a slightly altered version that supports keys up to 2048 bits with the U.S. version. 2.6.3 does not have the altered RSAREF code, so the U.S. version cannot use keys larger than 1024 bits (unless, of course, one uses the rsaref library distributed with 2.6.2). Mark -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBMtQLkCzIPc7jvyFpAQHGywf9ErGW2MWT/W0fMytbsuRXj0oc+BkYdgZE iJwfTBE7Fm6M8P8J/g+iGfIU/UTJyn8A0FpIaAtCT3Thzj2ocVl+uYos85P15gE1 JPwSMQYji+mS0l2gx7vFQr0IfKfn3jRxq9AukbQaSPTbUB2SaN1jHig+O0o2YD16 32/hJMjuEerfLpjrgjHU01g0Km2ft3xdIv1zBEAqJipUUXVdieaSnEOSuDzoxEde BW561hJpNpra6oZmga7qkgHVomRehXxbnBiX/NFh59mPA2N+OC+u5zHNgd2vVwVt w6yHWc/UFZtTx58QDFecboQO+ybcpc/i/vNr0b2VFLxAluqjZTxHVg== =nv7R -----END PGP SIGNATURE-----

There is no PGP 2.6.3; at least not that came from MIT... Someone else may have made something claiming to be 2.6.3, but it did not originate from MIT. -derek "Mark M." <markm@voicenet.com> writes:
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, 8 Jan 1997, James A. Tunnicliffe wrote:
All current versions of PGP allow key sizes up to 2048* bits. (When asked for the size of the key to generate, it allows you to select 512, 768, 1024, OR TO *TYPE IN THE NUMBER OF BITS DESIRED*.) There are older, partially incompatible versions that allow even larger keys, though there is little reason to go higher. Beyond something like 3100 bits, it is surmised that the 128-bit IDEA session key is easier to attack.
RSAREF limits the size of the key being generated to 1024 bits. RSADSI permitted PGP to distribute a slightly altered version that supports keys up to 2048 bits with the U.S. version. 2.6.3 does not have the altered RSAREF code, so the U.S. version cannot use keys larger than 1024 bits (unless, of course, one uses the rsaref library distributed with 2.6.2).
Mark -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv
iQEVAwUBMtQLkCzIPc7jvyFpAQHGywf9ErGW2MWT/W0fMytbsuRXj0oc+BkYdgZE iJwfTBE7Fm6M8P8J/g+iGfIU/UTJyn8A0FpIaAtCT3Thzj2ocVl+uYos85P15gE1 JPwSMQYji+mS0l2gx7vFQr0IfKfn3jRxq9AukbQaSPTbUB2SaN1jHig+O0o2YD16 32/hJMjuEerfLpjrgjHU01g0Km2ft3xdIv1zBEAqJipUUXVdieaSnEOSuDzoxEde BW561hJpNpra6oZmga7qkgHVomRehXxbnBiX/NFh59mPA2N+OC+u5zHNgd2vVwVt w6yHWc/UFZtTx58QDFecboQO+ybcpc/i/vNr0b2VFLxAluqjZTxHVg== =nv7R -----END PGP SIGNATURE-----
-- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) Home page: http://www.mit.edu:8001/people/warlord/home_page.html warlord@MIT.EDU PP-ASEL N1NWH PGP key available

On 8 Jan 1997, Derek Atkins wrote:
There is no PGP 2.6.3; at least not that came from MIT... Someone else may have made something claiming to be 2.6.3, but it did not originate from MIT.
There is a pgp 2.6.3i. Apparently, it's another "international" version. I believe it's on one of the usual sites, but I don't know what's changed in it. -- Good government. Good government. Sit. Stay.
participants (4)
-
Derek Atkins
-
James A. Tunnicliffe
-
Jason Burrell
-
Mark M.