[cryptography] [Cryptography] RSA equivalent key length/strength

James A. Donald Jamesd at echeque.com
Sun Sep 22 16:59:29 EDT 2013


On 2013-09-22 23:01, Peter Gutmann wrote:
>
> You're assuming that someone got passed a suitcase full of cash and that was
> it.  Far more likely that RSA got a $10M contract for some government work and
> at some point that included a request to make the ECDRBG the default for
> <insert plausible-sounding reason here>.  All quite above board, nothing
> terribly suspicious to raise eyebrows.

Possibly, but security agencies do tend to use the suitcase full of cash 
gambit, not to mention the "we know where your children live" gambit.  
This, however, because done in secret, tends to be even more wasteful 
and expensive that the supposedly above ground government contract.

For a security agency to order a pizza costs ten million dollars.


More information about the cryptography mailing list