Skip to content

1024bit reichen wirklich nicht mehr aus

Zu Beginn des Jahres 2003 veröffentlichte Adi Shamir mit Eran Tromer einen Bericht über Spezialhardware zur Faktorisierung großer Zahlen. Insbesondere die Abschätzung des Kostenaufwandes von 10 Millionen Euro für das Knacken eines 1024bit-RSA-Schlüssels innerhalb eines Jahres ließ die Fachwelt aufhorchen. Nunmehr ist das Design der Hardware verbessert worden und die geschätzten Kosten liegen bei einem Zehntel der obigen Summe. Das stellt doch eine massive Verbesserung dar. Wenn diese Schätzungen stimmen, dann kann es auch schon größeren Institutionen möglich sein, derartige Software zum Einsatz zu bringen.

Daher kann ich allen nur raten: Setzt Schlüssellängen von 2048 Bit oder besser ein.

Andere Notizen finden sich hier, hier oder hier.

Die Quelle stammt von Steven Bellovin:

Open to the Public

DATE: TODAY * TODAY * TODAY * WEDNESDAY, Sept. 14 2005
TIME: 4:00 p.m. - 5:30 p.m.
PLACE: 32-G575, Stata Center, 32 Vassar Street
TITLE: Special-Purpose Hardware for Integer Factoring
SPEAKER: Eran Tromer, Weizmann Institute

Factoring of large integers is of considerable interest in cryptography and algorithmic number theory. In the quest for factorization of larger integers, the present bottleneck lies in the sieving and matrix steps of the Number Field Sieve algorithm. In a series of works, several special-purpose hardware architectures for these steps were proposed and evaluated.

The use of custom hardware, as opposed to the traditional RAM model, offers major benefits (beyond plain reduction of overheads): the possibility of vast fine-grained parallelism, and the chance to identify and exploit technological tradeoffs at the algorithmic level.

Taken together, these works have reduced the cost of factoring by many orders of magnitude, making it feasible, for example, to factor 1024-bit integers within one year at the cost of about US$1M (as opposed to the trillions of US$ forecasted previously). This talk will survey these results, emphasizing the underlying general ideas.

Joint works with Adi Shamir, Arjen Lenstra, Willi Geiselmann, Rainer Steinwandt, Hubert K?pfer, Jim Tomlinson, Wil Kortsmit, Bruce Dodson, James Hughes and Paul Leyland.

Trackbacks

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
BBCode format allowed
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

You can use [geshi lang=lang_name [,ln={y|n}]][/geshi] tags to embed source code snippets.
Form options
cronjob