This preview shows page 1. Sign up to view the full content.
Unformatted text preview: 768 1024 1280 1536 2048 Mipsyears required to factor 30,000 2*108 3*1011 1*1014 3*1016 3*1020 Table 7.5 Factoring Using the Special Number Field Sieve # of bits 512 Mipsyears required to factor <200 768 1024 1280 1536 2048 100,000 3*107 3*109 2*1011 4*1014 Why not use 10,000bit keys? You can, but remember that you pay a price in computation time as your keys get longer. You want a key long enough to be secure, but short enough to be computationally usable. Earlier in this section I called making predictions foolish. Now I am about to make some. Table 7.6 gives my recommendations for publickey lengths, depending on how long you require the key to be secure. There are three key lengths for each year, one secure against an individual, one secure against a major corporation, and the third secure against a major government. Here are some assumptions from [66]: We believe that we could acquire 100 thousand machines without superhuman or unethical efforts. That is, we would not set free an Internet worm or virus to find resources for us. Many organizations have several thousand machines each on the net. Making use of their facilities would require skillful diplomacy, but should not be impossible. Assuming the 5 mips average power, and one year elapsed time, it is not too unreasonable to embark on a project which would require half a million mips years. The project to factor the 129digit number harnessed an estimated 0.03 percent of the total computing power of the Internet [1190], and they didn’t even try very hard. It isn’t unreasonable to assume that a wellpublicized project can harness 2 percent of the world’s computing power for a year. Assume a dedicated cryptanalyst can get his hands on 10,000 mipsyears, a large corporation can get 107 mipsyears, and that a large government can get 109 mipsyears. Also assume that computing power will increase by a factor of 10 every five years. And finally, assume that advances in factoring mathematics allow us to factor general numbers at the speeds of the special number field sieve. (This isn’t possible yet, but the breakthrough could occur at any...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details