[info] 307 digit number factored

Eugen Leitl <eugen at leitl.org> on Tue May 22 06:53:44 UTC 2007 
----- Forwarded message from Victor Duchovni <Victor.Duchovni at MorganStanley.com> -----

From: Victor Duchovni <Victor.Duchovni at MorganStanley.com>
Date: Mon, 21 May 2007 16:32:10 -0400
To: cryptography at metzdowd.com
Subject: Re: 307 digit number factored
User-Agent: Mutt/1.5.9i

On Mon, May 21, 2007 at 02:44:28PM -0400, Perry E. Metzger wrote:

> http://www.physorg.com/news98962171.html
> 
> My take: clearly, 1024 bits is no longer sufficient for RSA use for
> high value applications, though this has been on the horizon for some
> time. Presumably, it would be a good idea to use longer keys for all
> applications, including "low value" ones, provided that the slowdown
> isn't prohibitive. As always, I think the right rule is "encrypt until
> it hurts, then back off until it stops hurting"...

When do the Certicom patents expire? I really don't see ever longer RSA
keys as the answer, and the patents are I think holding back adoption...

FWIW, Postfix 2.5 in Q1 08 will have EC support when compiled with (likely
officially released by then) OpenSSL 0.9.9, the recommended curve is
"prime256v1" with "secp384r1" for "encrypt until it hurts" users :-).

The other issue is that sites will need multiple certs during any
transition from RSA to ECC, because the entire Internet won't upgrade
overnight. I am not expecting public CAs to cooperate by charging the
same price for two certs (RSA and ECC) for the same subject name(s),
this also may significantly impede migration.

With EECDH one can use ECDH handshakes signed with RSA keys, but that
does not really address any looming demise of 1024 bit RSA.

-- 

 /"\ ASCII RIBBON                  NOTICE: If received in error,
 \ / CAMPAIGN     Victor Duchovni  please destroy and notify
  X AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL    Morgan Stanley   confidentiality or privilege,
                                   and use is prohibited.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
More information about the info mailing list