[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Crypto-smart-card startup Inside Technologies



jim bell <[email protected]> writes:

> >  [ Inside Technologies ]
> >  ..."In public-key cryptography, 512-bit keys are typical and
> >  already vulnerable.  So we are looking at 640-bit-long keys
> >  supported by a scalable design."
> 
> This kind of thing disgusts me.  We already know 512-bit keys are weak.  As
> I recall, I was told that 512 bit keys could be cracked in 20,000
> MIPS-years.  If the ballpark formula holds that adding 10 bits doubles the
> security, that merely means that 640 bits is 2**(128/10) or 8000 times
> strong.  While obviously better than 512, it is not ENOUGH better to make me
> confident that this is a long-term secure length.  768 or 1024 bits should
> be considered the minimum.  A deliberate design of 640 bits makes it look
> like it's intended to be crackable in 5-10 years, much as DES was suspected
> of a similar design decision in limiting its keylength to 56 bits.

But the "scalable design" presumably means the hardware can deal
with a variety of modulus lengths.  As you say, they would be
short-sighted to make a fixed choice.

Peter Monta   [email protected]
Qualcomm, Inc./Globalstar