Why are 1024 bit keys the limit right now?

James A. Tunnicliffe Tunny at inference.com
Wed Jan 8 08:00:51 PST 1997 

-----BEGIN PGP SIGNED MESSAGE-----

AaronH4321 at aol.com writes:
> I am just starting at this. I know that part of RSA/PGP's strength
> comes from the size key you choose. What prevents someone from
> writting a 2048 bit key?  Is it because computers can't handle it? Is
> 1024 top of the prime number size right now? Am I way off track? 

In just about every way possible... :-)

The RSA algorithm can use keys of arbitrary length.

All current versions of PGP allow key sizes up to 2048* bits.  (When
asked for the size of the key to generate, it allows you to select 512,
768, 1024, OR TO *TYPE IN THE NUMBER OF BITS DESIRED*.) There are older,
partially incompatible versions that allow even larger keys, though
there is little reason to go higher. Beyond something like 3100 bits, it
is surmised that the 128-bit IDEA session key is easier to attack. 

As for prime numbers, no, 1024 bits isn't even close to the largest
found (there are of course an infinite number of primes).  The latest
discovery was of a Mersenne prime, the 35th such found. It was 1,398,269
bits long (all 1's, of course).

Tunny 
* OK, there is a minor bug in 2.6.2 that in some cases limits keys to
"only" 2047 bits -- the difference is utterly insignificant in terms of
security.  This message is signed by such a 2047-bit key. 
======================================================================
 James A. Tunnicliffe   | WWWeb: http://www.inference.com/~tunny
 Inference Corporation  | PGP Fingerprint:   CA 23 E2 F3 AC 2D 0C 77
 tunny at Inference.com    |                    36 07 D9 33 3D 32 53 9C
======================================================================

-----BEGIN PGP SIGNATURE-----
Version: 4.0 Business Edition
Comment: which I won in the PGP raffle at Cypherpunks 12/96...

iQEVAgUBMtPCuvAmQsmyRPddAQHQHwf+NcZ54woujQVBRRmmyH3CayYmCial2sLn
py0RvaXP9UGhY+vZU2HgtzaCor32JnrC67LsHH/2XLIEqjpsNzor7YwCtllsl55M
1lo4dkXfjg/jW0ijLTEbbEealRm1LziZVjIrTNsibq1GZ0UdwTb8nPens2iuHZBB
QJZTBkpi0yD8xnWZqvSBwjsdavJUUOy1xU4PgNE4Nr/xbWPA0OwMGOm1MSHFXxHL
xOYJvLR9905mSxh+kNdcf3SpT5JRuBjH6MQmG8GjKRGc8KoXbfUkCiXeSXlygaGA
q2/z2lO4E9eTZvlrsQN1sw8uIoKTnz3YPw9nWjXTeLWx9J7WbeGPSA==
=RzVt
-----END PGP SIGNATURE-----

More information about the cypherpunks-legacy mailing list