On 09/09/2013 08:59 AM, Yoav Nir wrote: > Those tables are mostly quoting NIST publications, so while it seems > like there's many sources, they're not really independent. There are > academic results in factoring 768-bit numbers, so with sufficient > thrust (and the NSA has more thrust than most academics), it's > perfectly logical to suspect that the NSA can factor 1024-bit > numbers. That would be a breakage of RSA, not D-H or DSA.
Hello, While I am not in par with the advances in solving the DLOG problem, the ECRYPT 2010 report on key sizes mentions in section 6.1: "According to the state of the art the difficulty of solving DLOG in prime order fields of size 2^n is, up to constants, asymptotically equivalent to that of breaking n-bit RSA". Given that all reports on key sizes agree on that (ECRYPT is not related to NIST in any way), I wouldn't ignore these recommendations. regards, Nikos _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
