RSA-130 Falls to NFS - Lenstra Posting to sci.crypt.research

Tim Dierks timd at consensus.com
Mon Apr 15 04:59:11 PDT 1996


At 12:51 AM 4/15/96, Jim Gillogly wrote:
>mpd at netcom.com (Mike Duvos) writes:
>>one?  Also, a ballpark guess of how this result extrapolates to
>>the MIPS years required to factor a 512 bit PGP key would
>>probably be of interest to all.
>
>I don't have a good guess for this, but Arjen did say that the cost to
>break RSA-130 was a fraction of what it cost to break RSA-129 because
>of the improved algorithm, so I'd guess we'll find out soon.  The next
>target of the consortium is planned to be RSA-155, I believe, which is
>above 512 bits; that means skipping RSA-140 to go for the one with the
>higher psychological value.  While 512-bit PGP keys are interesting to
>Cypherpunks, other 512-bit RSA keys are vitally important to some banks.

Also, note that 512 bits is the current exportable limit for RSA encryption.

 - Tim

Tim Dierks  --  timd at consensus.com  --  www.consensus.com
Head of Thing-u-ma-jig Engineering, Consensus Development








More information about the cypherpunks-legacy mailing list