
Re: [resend] Use of DNS to distribute keys



>Make it into a 1024 bit key, the minimum you need for real security,

I couldn't let this pass.  With our current knowledge, 1024 is about
the maximum useful RSA key size, not the minimum.  512 bits is plenty
for most uses.  It is roughly where DES was 15 years ago: perhaps NSA
can afford to break it but no one else can.  If you're worried about
NSA, 640 bits is entirely adequate unless they know some mathematics
the rest of us don't.

1024 bits has the nice properties that it is a round number and that
even if machines continue to get exponentially faster it will be secure
beyond the lifetimes of anyone alive today.  It is not immune to
advances in mathematics, but there is no modulus size that is safe from
such advances; we sort of have to wait for them and then decide what
modulus size is required or even whether RSA is useful anymore.

	--Charlie
	(kaufman@zk3.dec.com)

