[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A case for 2560 bit keys
-----BEGIN PGP SIGNED MESSAGE-----
On Mon, 8 Jul 1996, David F. Ogren wrote:
> Despite the above, there are convincing arguments for longer RSA keys.
> Instead of asking "Why should we have longer keys?", perhaps we should be
> asking "Why _shouldn't_ we have longer keys?"
>
> In a hybrid cryptosystem such as PGP, very little of the computational
> process is consumed by RSA encryption. Only a tiny fraction of the message
> is RSA encrypted (the session key), and thus the time-critical operation is
> the symmetric crypto system (IDEA for PGP).
>
> As an experiment generate a 2047 bit PGP key and a 512 bit PGP key.
> Encrypt a file (preferably of a reasonable size) using both keys.
> Depending on the computer you are using, the time difference between the
> two keys will be a matter of few seconds or even a fraction of a second.
Now try decrypting the file, or signing another file. I have a 486-66 which
is now considered hopelessly sluggish by today's standards. It takes about
5 seconds, while doing the same operation with a 512-bit key takes less than a
second. I sign every one of my messages, so such a time delay gets quite
annoying. I do have a 2048-bit key and encourage people to encrypt messages
with it, but I won't be signing messages with that key anytime soon unless
there is a much faster mpilib for PGP.
Other than that, I do completely agree with what you have written.
- -- Mark
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[email protected] | finger -l for PGP key 0xe3bf2169
http://www.voicenet.com/~markm/ | d61734f2800486ae6f79bfeb70f95348
"Freedom is the freedom to say that two plus two make four. If that
is granted, all else follows." --George Orwell, _1984_
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv
iQCVAwUBMeKcCLZc+sv5siulAQERzwP/UblIctGSBcQ+ZPxvhBchcUoEfaERUHcN
GKdJhZGV5Pb2GeQfAhG3Hsn0eHMKJFNP1AgB4Q6E4VoOhQzfOClOd4x3m9DOEmCC
ezJFg7/YxlJ7kzk8e8XYD6pXKYMWGLlsQi6lrS0wZcmsi6rmWGqr7ao7tlQA9+vg
rxNCd30uw6Y=
=yZm+
-----END PGP SIGNATURE-----