[10702] in cryptography@c2.net mail archive
Re: Schneier on Bernstein factoring machine
daemon@ATHENA.MIT.EDU (Jeremey Barrett)
Tue Apr 16 20:30:31 2002
Date: Tue, 16 Apr 2002 15:12:51 -0500
From: Jeremey Barrett <jeremey@rot26.com>
To: cryptography@wasabisystems.com
Message-ID: <20020416201251.GR19196@jfm.net>
Reply-To: jeremey@rot26.com
Mail-Followup-To: cryptography@wasabisystems.com
Mime-Version: 1.0
Content-Type: text/plain; x-action=sign; format=text
Content-Disposition: inline
In-Reply-To: <755111c1c4c1eb673cac766510c5a354@remailer.privacy.at>
On Tue, Apr 16, 2002 at 08:44:06PM +0200, Anonymous wrote:
> Bruce Schneier writes in the April 15, 2002, CRYPTO-GRAM,
> http://www.counterpane.com/crypto-gram-0204.html:
>
> > But there's no reason to panic, or to dump existing systems. I don't think
> > Bernstein's announcement has changed anything. Businesses today could
> > reasonably be content with their 1024-bit keys, and military institutions
> > and those paranoid enough to fear from them should have upgraded years ago.
> >
> > To me, the big news in Lucky Green's announcement is not that he believes
> > that Bernstein's research is sufficiently worrisome as to warrant revoking
> > his 1024-bit keys; it's that, in 2002, he still has 1024-bit keys to revoke.
>
> Does anyone else notice the contradiction in these two paragraphs?
> First Bruce says that businesses can reasonably be content with 1024 bit
> keys, then he appears shocked that Lucky Green still has a 1024 bit key?
> Why is it so awful for Lucky to "still" have a key of this size, if 1024
> bit keys are good enough to be "reasonably content" about?
>
My read of this is not that Bruce thought Lucky silly for having 1024-bit
keys, but rather that *if* Lucky has had them until now, it shows that they
aren't really old-hat, thrown out by every half-sensible cryptographer
years ago, that in fact it's reasonable to assume they're still "reasonably"
secure (for some definition of "reasonably").
I have no idea if that's what Bruce intended, but that's how I took it.
Regards,
Jeremey.
--
Jeremey Barrett [jeremey@rot26.com] Key: http://rot26.com/gpg.asc
GnuPG fingerprint: 716E C811 C6D9 2B31 685D 008F F715 EB88 52F6 3860
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
