Key Lengths

Arjen K. Lenstra, Lucent Technologies Bell Laboratories and Technische Universiteit Eindhoven

Introduction

Symmetric Encryption and Cryptographic Hashing

Asymmetric Cryptosystems

Security in Practice

Overview

Security Level

Generic Attacks

Security Level

The Cost of an Attack Effort

Relation Between Security Level and Security

Modeling the Relation

Defining Adequate Protection

The Cost of Breaking the DES

Modeling the Effect of Changes in the Computational Environment

The Cost of Adequate Protection

The Effect of Moore's Law

The Effect of the Constant of Proportionality

Alternative Definitions of Adequate Protection

Modeling the Effect of Changes in Cryptanalytic Capabilities

Symmetric Cryptosystems

Block Ciphers

Performance Considerations

Other Considerations

Symmetric Key Lengths That Offer Adequate Protection

Cryptographic Hash Functions

Cryptographic Hash Functions

Cryptanalytic Developments

Performance Considerations

Cryptographic Hash Lengths That Offer Adequate Protection

Asymmetric Methods

Private Key and Public Key

Performance Deterioration

The Design of Asymmetric Cryptosystems

Factoring and Discrete Logarithms

Other Asymmetric Cryptosystems

Factoring-Based Cryptosystems

Main Variants

Trial Division

Exponential Time Factoring Algorithms

Polynomial Time Factoring Algorithms

Subexponential Time Factoring Algorithms

Number Field Sieve

The Cost of the NFS

NFS Results

Extrapolation to Other Modulus Lengths

Cryptanalytic Developments

Small Factors

RSA Modulus Lengths ...

Get Handbook of Information Security: Information Warfare, Social, Legal, and International Issues and Security Foundations, Volume 2 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial