[cryptography] [Cryptography] RSA equivalent key length/strength

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun Sep 22 09:01:29 EDT 2013


ianG <iang at iang.org> writes:

>One mystery is left for me.  Why so much?  It clearly doesn't cost that much
>money to implement the DRBG, or if it did, I would have done it for $5m,
>honest injun!  Nor would it cost that to test it nor to deploy it on mass.
>Documentation, etc.

You're assuming that someone got passed a suitcase full of cash and that was 
it.  Far more likely that RSA got a $10M contract for some government work and 
at some point that included a request to make the ECDRBG the default for 
<insert plausible-sounding reason here>.  All quite above board, nothing 
terribly suspicious to raise eyebrows.

Peter.


More information about the cryptography mailing list