Eddy Nigg (StartCom Ltd.) wrote: > [...] > However more interesting is this reference:
No, that is not more interesting. It's been known for a year or two that keys around 600 bits were broken, and it was therefore already quite obvious that 768 wasn't safe today. But *only* 15000 computers and *only* one year to break a key size that a large number of actually really important keys use is much bigger news. If I need to be excruciatingly clear, what's to stop a pirate of using one of the larger botnet currently in existence to distributively break one of those keys ? Even if any one slave will not be constantly working on it or not be as powerful as the machines Kapersky takes in it's calculation, some of those botnets have up to 1.5 million machines: http://www.vnunet.com/vnunet/news/2144375/botnet-operation-ruled-million How much money is Verisign's 1024 bits "Class 3 Public Primary Certification Authority" worth for pirates ? Don't you think a lot ? I'd frankly much prefer to hear that Kapersky have their math wrong by one or two factors. But I'll take very seriously an annonce by someone who already has broken a 660 bits key, and not assume it's the case. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
