Agree that 8192-bit RSA doesn't seem like a major concern. Paranoids use 4096 now, but I suspect that's mostly biding time for wider deployment of EC and post-quantum alternatives. 8192 is getting a bit cumbersome, and the steps beyond that get nasty in fairly short order.
Absence of mature post-quantum asymmetric encryption is a problem, but it's a separate issue and doesn't really make a strong case for 8192-bit RSA in the HSM. -- Sent from a phone, please excuse brevity and typos. _______________________________________________ Tech mailing list [email protected] https://lists.cryptech.is/listinfo/tech
