On Tue, 2 Jul 2002, Boris Lorenz wrote:
Yuppa,
times. So even 2048 bits are really paranoid - assuming some agency uses weeks of computing power of the billion dollar machine to break *your* 1024 SSH/SSL/TLS RSA key.
Quite right. On the other hand, I wouldn't even bet on a 2048 bit key in the wake of recent efforts (and steps forward) in quantum computing, but that's prolly just me.
There have been big steps in quantum computing, but it's far from usable. At the moment it's still hard to create something like a five-bit computer with AND and OR gates. And there is no chance to initialize a quantum computer with 10kb (normal size of a secret email), as you have to load the complete document to decode. If this becomes possible, all normal ciphers will be out of date. Then just say goodbye to it all.
Fact is that good intelligence can be obtained by traffic analysis alone. In most cases, it's not necessary to brute-force into an encrypted message, so the key size alone is a good, but not the only factor in this "game".
That is a real argument to increase the key size or change keys on a regular basis. To prevent intelligent attacks on the key you should also hide the type of information that is transmitted (increasing entropy by sending nonsense).

Michael Schmidt Icewolf