[cryptography] [Cryptography] RSA equivalent key length/strength

Lucky Green shamrock at cypherpunks.to
Wed Sep 18 17:23:11 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2013-09-14 08:53, Peter Fairbrother wrote:

> I get that 1024 bits is about on the edge, about equivalent to 80
> bits or a little less, and may be crackable either now or sometime
> soon.

Moti Young and others wrote a book back in the 90's (or perhaps) 80's,
that detailed the strength of various RSA key lengths over time. I am
too lazy to look up the reference or locate the book on my bookshelf.
Moti: help me out here? :-)

According to published reports that I saw, NSA/DoD pays $250M (per
year?) to backdoor cryptographic implementations. I have knowledge of
only one such effort. That effort involved DoD/NSA paying $10M to a
leading cryptographic library provider to both implement and set as
the default the obviously backdoored Dual_EC_DRBG as the default RNG.

This was $10M wasted. While this vendor may have had a dominating
position in the market place before certain patents expired, by the
time DoD/NSA paid the $10M, few customers used that vendor's
cryptographic libraries.

There is no reason to believe that the $250M per year that I have seen
quoted as used to backdoor commercial cryptographic software is spent
to any meaningful effect.

- ---Lucky

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)

iQIcBAEBAgAGBQJSOhm/AAoJEARVjUj9NCi09/wP/jlBE78qlZdPctkhXXC8CblP
oOYD7OhrxP5eaI6UVHN8gJBZidrYZmGp6a9bGLtqzLZmx1L2DEhrKojyUy8lic71
LyZs2ulIY6GU87xr4k7w9ce25+WvK7LviGCjq1WfRxJtmoTSUpNcRI/CNHHnueWE
lGKFip0RVS0YPnVvgQ5pvDmJUW+2vb/4xi6cx592TaQKmgRQoY7gsFCDwuJsy3K/
OUhaEoM6OIMkboCU7CAtC7w1sqP+6GnDg0ZEUvZ8ILFkPYKyEGgJ+RNiUNOsMlIt
dvCEgmT1jL6tgZWHfByAfsYN54uWp5QMuL277ZKlvcjF2KNN7cPcsA4Y76RxTH7L
7gnzB2aQUn13O4dsmsB/54Mbg2Y+LvYCa40Q5RIi45evjANxx9Bx3sFMr3HbXArO
ijT081OUy6/tZYDXruWHlh3j4RAYp/fHecm4/25pQS9NrTAQnaCCnGMHRiP6/PEw
GtMWsW3TkDts3h41HJ5wU6Rppr1hX3pRn1ZgeNJbtRezcC4BL0pTX0PEZ76bhXze
231wdd15/Fnb8e30HbWLUiRSLKAbY4KWSdfdZBRzty7ZiiCTI3O8vQLg2Ld0iR1a
VYZX+hySDG8ZJvj8qoN3d7AR9q7WJk554aOSGb1ooBafm4YjbzAVglu/Afi48DHu
xZFLLjzDm5BhP5eGvsli
=TsSq
-----END PGP SIGNATURE-----


More information about the cryptography mailing list