Time for the paranoid to start upgrading keys

MathWorld News is reporting that RSA-640 has been factored. F. Bahr, M. Boehm, J. Franke, and T. Kleinjung, memebers of the German Federal Agency for Information Technology Security (BSI) announced they had cracked the 193-digit number last Friday using the General Number Field Sieve. The team purportedly used 80 opteron CPUs and 5 months to achieve victory.”

I realise that 1024bit keys are exponentially bigger then 640bit, however this shows that the time to crack 1024bit keys are getting awfully close to useless when dealing with material that needs a longish life span, not to mention some of the root certificates in browsers are still 1024bit, and even if it took these guys 5 times as long, those certificates are still going to be valid when they get finished.

And people complained about the 4096bit certificate CAcert uses ­čÖé (well complained because not all apps supported key sizes bigger then 1024bit!)

PS found this website, which gives a break down of how long you can expect varying keylengths to be good for.

2 thoughts on “Time for the paranoid to start upgrading keys

  1. acdha

    I found this somewhat interesting simply from the low-cost perspective – I have 80 opterons sitting in the machine room upstairs and our lab isn’t particularly large or lavishly funded. Someone with better resources might have custom hardware but I suspect it’d be faster just to use one of those 100k+ botnets to go after one of the weaker CA keys.

    Toss in things like the persistence of SSLv2 support or export-grade encryption and it’s starting to look a bit risky to be doing business over the web…

  2. Duane Post author

    It’s a little soon to be getting jittery, 640 bit to 1024 bit is quite a leap (2^80 to 2^112 ie 2^32 times bigger equivolent key space), and the people with the sort of resources to break those kinds of keys are just as likely to be able to get them directly from Verisign in any case.

    I’m personally more worried about Verisign and the huge conflict of interest they have with both control of DNS and control of root certificates in all browsers.

Leave a Reply