[Remops] Generating a stronger PGP key?
lists at notatla.org.uk
lists at notatla.org.uk
Tue Mar 18 00:39:37 GMT 2014
> code has not caught up with the technology. But remember, the
> encryption strength is probably acceptable due to the fact that we are
> using it for transient messages rather than long-term file storage.
I doubt that reasoning.
15 years ago $250,000 could crack a 56-bit key in about a day.
After 10 Moore's law cycles that's 66 bits today.
1024-bit RSA may be worth about 80 bits of symmetric key.
(http://www.nsa.gov/business/programs/elliptic_curve.shtml)
If that's so some tradeoff between budget and time almost certainly
brings keys of this size into range for cracking - e.g. spend $250M
and crack a key every 16 days.
One remailer private key reveals many messages.
More information about the Remops
mailing list