[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Summary of key derivation thread

To: Hugo Krawczyk <hugo@ee.technion.ac.il>
Subject: Re: Summary of key derivation thread
From: Russ Housley <housley@vigilsec.com>
Date: Tue, 10 Dec 2002 16:11:42 -0500
Cc: ipsec@lists.tislabs.com, daw@mozart.cs.berkeley.edu
In-Reply-To: <Pine.GSO.4.21.0212101839450.4667-100000@ee.technion.ac.il>
References: <5.2.0.9.2.20021210075142.02a63088@mail.binhost.com>
Sender: owner-ipsec@lists.tislabs.com

Hugo:

Thanks for the clarifications.  More on my second question.

> > Question 2:  Based on the NIST key management recommendations, a 80 
> bits of
> > security is adequate for protecting sensitive government information until
> > 2015, and 112 bits of security is adequate until 2030.  Which of these
> > targets is the mandatory-to-implement aiming at?  Or, are we after
> > something in the middle, say 96 bits?
>
>I do not know what the "market answer" to this is.
>But even if you take the "NIST minimum" of 80, you need to go for
>a modulus longer than 1024, probably 1200 bits (Hilarie may have precise
>estimates). For 96 bits you already need to exceed the 2048-bit keys.

The NIST key management guidance indicates that 1024-bit Diffie-Hellman and 
1024-bit RSA provide 80 bits of security.  Are you suggesting that this 
guidance is way off?

Russ

Follow-Ups:
- Re: Summary of key derivation thread
  - From: Hugo Krawczyk <hugo@ee.technion.ac.il>

References:
- Re: Summary of key derivation thread
  - From: Russ Housley <housley@vigilsec.com>
- Re: Summary of key derivation thread
  - From: Hugo Krawczyk <hugo@ee.technion.ac.il>

Prev by Date: Re: speaking of keys
Next by Date: Re: Summary of key derivation thread
Prev by thread: Re: Summary of key derivation thread
Next by thread: Re: Summary of key derivation thread
Index(es):
- Date
- Thread