Samuel Neves wrote:
If an attacker creating a special-purpose machine to break your keys is
a realistic scenario, why are you even considering keys of that size?
What's the threat model?
If the set of possible actors includes first world SIGINT agencies, then yes,
it is a reasonable
... 2048-bit keys performing
at 1/9th of 1024-bit. My own internal benchmarks have been closer to
1/7th to 1/8th. Either way, that's back in line with the above stated
90-95% overhead. Meaning, in Dan's words 2048 ain't happening.
Can I abuse a phrase and
If an attacker creating a special-purpose machine to break your keys is
a realistic scenario, why are you even considering keys of that size?
Best regards,
Samuel Neves
On 15-08-2010 04:25, John Gilmore wrote:
... 2048-bit keys performing
at 1/9th of
