A case for 2560 bit keys

Deranged Mutant WlkngOwl at unix.asb.com
Wed Jul 10 00:47:32 PDT 1996


On  8 Jul 96 at 23:09, David F. Ogren wrote:
[..]
> Despite the above, there are convincing arguments for longer RSA keys.  
> Instead of asking "Why should we have longer keys?", perhaps we should be 
> asking "Why _shouldn't_ we have longer keys?"
 
> In a hybrid cryptosystem such as PGP, very little of the computational 
> process is consumed by RSA encryption.  Only a tiny fraction of the message 
> is RSA encrypted (the session key), and thus the time-critical operation is 
> the symmetric crypto system (IDEA for PGP).
> 
> As an experiment generate a 2047 bit PGP key and a 512 bit PGP key.  
> Encrypt a file (preferably of a reasonable size) using both keys.  
> Depending on the computer you are using, the time difference between the 
> two keys will be a matter of few seconds or even a fraction of a second.

Depends on the computers one uses, and who you are computing with. 
I've heard some horror stories of people using PGP modified to handle 
4kbit or 8kbit keys on 286s that waited <i>days</i> to generate keys 
and hours to sign or decrypt messages.

If you're exchanging messages with people using fast computers, 
lerger key sizes are practical.  Otherwise you need to take the issue 
of key-size/speed tradoff seriously.

> It seems foolish that we use RSA keys that are less secure than our IDEA 
> session keys.  Our RSA keys are much more valuable than our session keys.  
[..]

If very improved factoring methods are discovered, it might not 
matter.  If a new method of cryptanalysis against IDEA comes out, 
that might make RSA key-sizes a non-issue.

AFAIK, PGPlib will support multiple public key and private key 
algorithms.

Rob

 
---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl at unix.asb.com (root at magneto)
        AB1F4831 1993/05/10 Deranged Mutant <wlkngowl at unix.asb.com>
Send a message with the subject "send pgp-key" for a copy of my key.






More information about the cypherpunks-legacy mailing list