{"id":311,"date":"2008-01-31T22:02:50","date_gmt":"2008-02-01T02:02:50","guid":{"rendered":"http:\/\/blogs.law.harvard.edu\/zeroday\/2008\/01\/31\/cracking-1024-bit-rsa-keys\/"},"modified":"2008-01-31T22:02:50","modified_gmt":"2008-02-01T02:02:50","slug":"cracking-1024-bit-rsa-keys","status":"publish","type":"post","link":"https:\/\/archive.blogs.harvard.edu\/zeroday\/2008\/01\/31\/cracking-1024-bit-rsa-keys\/","title":{"rendered":"Cracking 1024 bit RSA keys"},"content":{"rendered":"<p>The next time someone raves about the advances of computing ask them about this challenge.  Truly a benchmark for the next 100 years in computing a paper published by Adi Shamir and Eran Tromer entitled <a href=\"http:\/\/people.csail.mit.edu\/tromer\/papers\/cbtwirl.pdf\">&#8220;On the Cost of Factoring RSA-1024&#8221;<\/a> [pdf] hypothesizes a device which could &#8220;break a 1024-bit RSA key in <strong>one year<\/strong> using a devices whose cost is about $10M&#8221;.  emphasis mine.<br \/>\n$10M is a sizable amount of start up cost so this type of power certainly isn&#8217;t going to fall into the hands of criminal organizations (maybe narco lords in South America) but defense agencies could certainly handle this type of cost.  It isn&#8217;t difficult to imagine a scenario where a message is important enough to necessitate this type of effort.  However advances such as <a href=\"http:\/\/en.wikipedia.org\/wiki\/Perfect_forward_secrecy\">perfect forward secrecy<\/a> make even these herculean efforts less effective.  Courts have been dealing with this issue in a different way.  <a href=\"http:\/\/www.news.com\/8301-13578_3-9834495-38.html\"> Some realize they can&#8217;t coerce a private key<\/a> while  <a href=\"http:\/\/www.theregister.co.uk\/2007\/11\/14\/ripa_encryption_key_notice\/\">others attempt to force decryption<\/a> with the threat of jail time.  My question is how well does Moore&#8217;s law really fit here?  Using the simple 1\/2 price in 1 year version of this axiom we can expect to crack 1024 bit keys with as little as $10k (in one year) 10 years from now.  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>The next time someone raves about the advances of computing ask them about this challenge. Truly a benchmark for the next 100 years in computing a paper published by Adi Shamir and Eran Tromer entitled &#8220;On the Cost of Factoring RSA-1024&#8221; [pdf] hypothesizes a device which could &#8220;break a 1024-bit RSA key in one year [&hellip;]<\/p>\n","protected":false},"author":214,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[272,271],"tags":[],"class_list":["post-311","post","type-post","status-publish","format-standard","hentry","category-digital-warfare","category-rights-online"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts\/311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/users\/214"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/comments?post=311"}],"version-history":[{"count":0,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/posts\/311\/revisions"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/media?parent=311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/categories?post=311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/zeroday\/wp-json\/wp\/v2\/tags?post=311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}