Asymmetric Key sizes
Brian Morrison
Brian Morrison" <bdm at fenrir.demon.co.uk
Wed, 10 Feb 1999 16:55:37
On Wed, 10 Feb 1999 15:02:15 -0000, Parker Tom TA wrote:
>Although a lot is being said about the shrinking level of security offered
>by various symmetric key sizes, with 56 bits coming in for a lot of stick,
>haven't seen anything lately on asymmetric attacks. Has anyone any
>information on the latest successful attack position on asymmetric keys, RSA
>in particular? How secure is 512 bits considered now, and why? What's the
>current recommended key size? Has anything been published that is later than
>the now rather old (January 1996) "Report by the Ad Hoc Group of
>Cryptographers and Computer Scientists"?
>
There was a posting to sci.crypt (might have been sci.crypt.research) a
few days ago stating that the RSA-140 factoring challenge had been
completed, this involves factoring a 140 digit number, a similar
process to that required to break an RSA key.
I think that this development means that it is now possible to break
512 bit RSA keys, and reduces the security of 768 bit RSA keys. I
certainly can't claim to be able to rigorously state this, but that was
the tone of the post.
A search of Dejanews would probably locate the post in question.
HTH
--
Brian Morrison bdm@fenrir.demon.co.uk
'The village populace is jumpin' on faces, catchin' the javelin,
Headin' the shot.' [FX: wet thud - "Oooo.."]