On Fri, Aug 13, 2010 at 02:55:32PM -0500, eric.lengve...@wellsfargo.com wrote:
> 
> The big drawback is that those who want to follow NIST's
> recommendations to migrate to 2048-bit keys will be returning to
> the 2005-era overhead. Dan Kaminsky provided some benchmarks in a
> different thread on this list [1] that showed 2048-bit keys performing
> at 1/9th of 1024-bit. My own internal benchmarks have been closer to
> 1/7th to 1/8th. Either way, that's back in line with the above stated
> 90-95% overhead. Meaning, in Dan's words "2048 ain't happening."

Indeed.  The way forward would seem to be ECC, but show me a load balancer
or even a dedicated SSL offload device which supports ECC.  I'm not even
certain the popular clients, which are usually well ahead of everything
else in terms of cryptography support, can cope with it.  The only place
it seems to be consistently used is in proprietary client/server software
for mobile devices, as has been the case for years.

Thor

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
