[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Summary of key derivation thread
Hugo:
Thanks for the clarifications. More on my second question.
> > Question 2: Based on the NIST key management recommendations, a 80
> bits of
> > security is adequate for protecting sensitive government information until
> > 2015, and 112 bits of security is adequate until 2030. Which of these
> > targets is the mandatory-to-implement aiming at? Or, are we after
> > something in the middle, say 96 bits?
>
>I do not know what the "market answer" to this is.
>But even if you take the "NIST minimum" of 80, you need to go for
>a modulus longer than 1024, probably 1200 bits (Hilarie may have precise
>estimates). For 96 bits you already need to exceed the 2048-bit keys.
The NIST key management guidance indicates that 1024-bit Diffie-Hellman and
1024-bit RSA provide 80 bits of security. Are you suggesting that this
guidance is way off?
Russ