Understanding Problem with rsa min key length 1024
Stephen Harris
lists at spuddy.org
Sat Apr 13 01:34:59 AEST 2019
On Fri, Apr 12, 2019 at 08:39:49AM -0400, Daniel Kahn Gillmor wrote:
> But even taking the labeling of the "key space" as you've given it, if
> your concern is that 1022 bits is too small of a key space (and it is,
> given how sparse primes are!), then the right approach in 2019 is to use
> 3072-bit keys (which you rightly point out are "only" choosing from a
> 3070-bit "key space"), not to quibble about whether it ought to be OK to
> select 2 as one of the factors.
FWIW, RSA 1024bit keys have approximately 80bits of strength. RSA2048 is
112 bits (and is the minimum NIST requirement). RSA3072 is 128bit.
--
rgds
Stephen
More information about the openssh-unix-dev
mailing list