{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

applied cryptography - protocols, algorithms, and source code in c

Thus arguments about the security of cryptographic

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: years from now, we may be able to factor anything. I think that is unlikely, though. Not everyone will agree with my recommendations. The NSA has mandated 512-bit to 1024-bit keys for their Digital Signature Standard (see Section 20.1)—far less than I recommend for long-term security. Pretty Good Privacy (see Section 24.12) has a maximum RSA key length of 2047 bits. Arjen Lenstra, the world’s most successful factorer, refuses to make predictions past 10 years [949]. Table 7.8 gives Ron Rivest’s key-length recommendations, originally made in 1990, which I consider much too optimistic [1323]. While his analysis looks fine on paper, recent history illustrates that surprises regularly happen. It makes sense to choose your keys to be resilient against future surprises. Table 7.7 Long-range Factoring Predictions Year Key Length (in bits) 1995 2005 2015 2025 2035 2045 1024 2048 4096 8192 16,384 32,768 Low estimates assume a budget of $25,000, the quadratic sieve algorithm, and a technology advance of 20 percent per year. Average estimates assume a budget of $25 million, the general number field sieve algorithm, and a technology advance of 33 percent per year. High estimates assume a budget of $25 billion, a general quadratic sieve algorithm running at the speed of the special number field sieve, and a technology advance of 45 percent per year. There is always the possibility that an advance in factoring will surprise me as well, but I factored that into my calculations. But why trust me? I just proved my own foolishness by making predictions. DNA Computing Now it gets weird. In 1994 Leonard M. Adleman actually demonstrated a method for solving an NP-complete problem (see Section 11.2) in a biochemistry laboratory, using DNA molecules to represent guesses at solutions to the problem [17]. (That’s “solutions” meaning “answers,” not meaning “liquids containing solutes.” Terminology in this field is going to be awkward.) The problem that Adleman solved was an instance of the Directed Hamiltonian Path problem: Given a map of cities connected...
View Full Document

{[ snackBarMessage ]}

Ask a homework question - tutors are online