[kwlug-disc] Using 4096-bit RSA vs. 1024

Eric Gerlach eric+kwlug at gerlach.ca
Mon Sep 13 11:01:54 EDT 2010

On Sat, Sep 11, 2010 at 2:31 PM, unsolicited <unsolicited at swiz.ca> wrote:
> At what point does key size stop providing realistically useful economies of
> scale, vis a vis overhead imposed?
> So, for example, what is the cracking time difference between a 1024 bit and
> a 4096 bit key? Assume RSA - your point wrt DSA is taken.

Theoretically? 2^3072 times longer.  Practically?  Good question.
Less, but still exponentially larger.

> What increase in overhead occurs as keys get larger? i.e. If 4096 only
> imposes a small initial penalty (seconds) to determine a 1024 bit decryption
> key (say), that's OK. But if the larger key means extra seconds at every bit
> of data decode, that's not ok. [Perhaps I'm mixing technologies here? e.g.
> https / vpn initial key exchange (?)/ verification vs. ongoing encryption
> (pgp) keys?]

PGP actually uses a symmetric cypher for the actual encryption.  The
key to that cypher is what is encrypted using the public/private
keypair.  So the increase in time is constant no matter what the size
of the data is.  Or that's my understanding, at least.
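
The hybrid scheme described in the reply above, as an added example that is not part of the original post: one RSA operation wraps a random session key, and everything else is symmetric, so the RSA-sized part of the output depends on the key size and not on the message size. Assumptions: all function names are hypothetical, the demo keys are constructed from publicly known Mersenne primes (not secure), RSA is textbook with no padding, and a SHA-256 counter keystream stands in for the symmetric cipher PGP would really use.

```python
import hashlib
import secrets

E = 65537  # common RSA public exponent

def toy_rsa_key(p_exp, q_exp):
    """Constructed demo key from two Mersenne primes (publicly known, NOT secure)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private exponent d)

def keystream_xor(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for block, off in enumerate(range(0, len(data), 32)):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def hybrid_encrypt(n, plaintext):
    """Return (wrapped_session_key, ciphertext) using exactly one RSA operation."""
    session_key = secrets.token_bytes(32)
    wrapped = pow(int.from_bytes(session_key, "big"), E, n)  # textbook RSA, no padding
    size = (n.bit_length() + 7) // 8
    return wrapped.to_bytes(size, "big"), keystream_xor(session_key, plaintext)

def hybrid_decrypt(n, d, wrapped, ciphertext):
    """One RSA private-key operation recovers the session key, whatever the data size."""
    session_key = pow(int.from_bytes(wrapped, "big"), d, n).to_bytes(32, "big")
    return keystream_xor(session_key, ciphertext)

def demo():
    """Map (modulus bits, message bytes) -> wrapped-key bytes for two key sizes."""
    sizes = {}
    for p_exp, q_exp in ((521, 607), (2203, 2281)):  # ~1128-bit and ~4484-bit moduli
        n, d = toy_rsa_key(p_exp, q_exp)
        for length in (1_000, 200_000):
            msg = secrets.token_bytes(length)
            wrapped, ct = hybrid_encrypt(n, msg)
            assert hybrid_decrypt(n, d, wrapped, ct) == msg
            sizes[(n.bit_length(), length)] = len(wrapped)
    return sizes

if __name__ == "__main__":
    for (bits, length), wrapped_len in demo().items():
        print(f"{bits}-bit modulus, {length}-byte message -> {wrapped_len}-byte wrapped key")
```

For each modulus the wrapped key has the same length for the short and the long message; only the symmetric ciphertext grows with the data.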


