[kwlug-disc] Using 4096-bit RSA vs. 1024

Eric Gerlach eric+kwlug at gerlach.ca
Mon Sep 13 11:01:54 EDT 2010


On Sat, Sep 11, 2010 at 2:31 PM, unsolicited <unsolicited at swiz.ca> wrote:
> At what point does key size stop providing realistically useful economies of
> scale, vis a vis overhead imposed?
>
> So, for example, what is the cracking time difference between a 1024 bit and
> a 4096 bit key? Assume RSA - your point wrt DSA is taken.

Theoretically? 2^3072 times longer.  Practically?  Good question.
Less, but still exponentially larger.

> What increase in overhead occurs as keys get larger? i.e. If 4096 only
> imposes a small initial penalty (seconds) to determine a 1024 bit decryption
> key (say), that's OK. But if the larger key means extra seconds at every bit
> of data decode, that's not ok. [Perhaps I'm mixing technologies here? e.g.
> https / vpn initial key exchange (?)/ verification vs. ongoing encryption
> (pgp) keys?]

PGP actually uses a symmetric cypher for the actual encryption.  The
key to that cypher is what is encrypted using the public/private
keypair.  So the increase in time is constant no matter what the size
of the data are.  Or that's my understanding, at least.

Cheers,

Eric




More information about the kwlug-disc mailing list