North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: 1024-bit RSA keys in danger of compromise (fwd)
Len Sassaman <[email protected]> writes: > Prior to Bernstein's discovery the row-reduction step in factorization > could be made massively parallelizable, we believed that 1024 bit keys > would remain unfactorable essentially forever. Now, 1024 bit RSA keys look > to be factorable either presently, or in the very near future once Moore's > law is taken into account. However, at a price tag of $2 billion for a > specialized machine, we have a few years before anyone outside of the > intelligence community attempts this. > > What is most concerning to me is a few discoveries that were made while > looking into the problem of widespread use of 1024 bit keys: Out of curiosity, was there any indication that Bernstein's improvements might apply to the discrete log problem, DSA in general, and the 1024-bit limit on key size built into NIST's DSS standard? Revoking an RSA key and re-issuing a longer one might be a pain, but there's no option for that in the current GPG implementation. Cheers. -travis
|