1994-06-22 - Re: Unofficial Release

Header Data

From: “Perry E. Metzger” <perry@imsi.com>
To: Roger Bryner <bryner@atlas.chem.utah.edu>
Message Hash: f38eb6fb87a327987a9724f7e55b027eafda2cc189190637f7279ae2cbbaa639
Message ID: <9406221934.AA03452@snark.imsi.com>
Reply To: <Pine.3.89.9406221330.A20389-0100000@atlas.chem.utah.edu>
UTC Datetime: 1994-06-22 19:35:16 UTC
Raw Date: Wed, 22 Jun 94 12:35:16 PDT

Raw message

From: "Perry E. Metzger" <perry@imsi.com>
Date: Wed, 22 Jun 94 12:35:16 PDT
To: Roger Bryner <bryner@atlas.chem.utah.edu>
Subject: Re: Unofficial Release
In-Reply-To: <Pine.3.89.9406221330.A20389-0100000@atlas.chem.utah.edu>
Message-ID: <9406221934.AA03452@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Roger Bryner says:
> On Wed, 22 Jun 1994, Perry E. Metzger wrote:
> > The conversation was predicated on the notion that no major
> > breakthrough in factoring has occured, as I explicitly said. A minor
> What reason do you have to believe that this will be the case?  Why is it 
> foolish to use available and cheap computer power to hedge your bets?

Because it isn't cheap, first of all. If you wanted to run a
completely secure internet, for example (a problem I am currently
working on) the cost of all those RSAs really DOES show up, and fast.

Because using a 2000 bit key already is a sign of madness -- an 8000
bit one is beyond the pale (doesn't anyone understand exponential
blowup here?)

Because if you have a polynomial factoring algorithm doubling the key
size will no longer provide any real protection for very valuable
data.

Because once your RSA key is big enough the conventional key you use
becomes the weak link and any increase in the size ends up being
rubble bouncing.

Perry





Thread