[147562] in cryptography@c2.net mail archive
Re: [Cryptography] Universal security measures for crypto primitives
daemon@ATHENA.MIT.EDU (grarpamp)
Mon Oct 7 19:34:44 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <1C105E86-11D2-49E0-ACB8-FCBCB98AA168@lrw.com>
Date: Mon, 7 Oct 2013 17:10:14 -0400
From: grarpamp <grarpamp@gmail.com>
To: cypherpunks@cpunks.org
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Oct 7, 2013, at 1:43 AM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
> Given the recent debate about security levels for different key sizes, the
> following paper by Lenstra, Kleinjung, and Thome may be of interest:
>
> "Universal security from bits and mips to pools, lakes and beyond"
> http://eprint.iacr.org/2013/635.pdf
On Mon, Oct 7, 2013 at 10:46 AM, Jerry Leichter <leichter@lrw.com> wrote:
> Then: "...fundamental limits will let you make about 3*10^94 ~ 2^315 [bit] flips
> and store about 2^315 bits
Then perhaps by the time that engine gets near 256 bits done crunching you,
any given secret holder will be either dead, too old / pardonable, or
society will
have moved on, thereby placing the secret into one of historical value only. It
would probably also cost about 2^315 bits to build and operate. Not many
100yr secrets out there besides grand conspiracies and whodunit's, and those
don't really need crypto. Might as well bump everything to 512 just to
be safe from
physics ;)
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography