Profile picture
, 10 tweets, 4 min read Read on Twitter
RSA factoring recap since shady people are making dumb claims right now.

Caveat: They used to use decimal digits for RSA key lengths, so "RSA-100" was 330 bits.

1. 256-bit RSA keys were factorable in the 1980s. link.springer.com/content/pdf/10…
2. 512-bit RSA keys were factorable in 1999: iacr.org/archive/eurocr…
3. By 2012, you could factor 512-bit RSA keys to try to get a job interview: wired.com/2012/10/dkim-v…
4. By 2015, you could factor 512-bit RSA keys for $75 in 4 hours via an online service: seclab.upenn.edu/projects/faas/
5. The code that "Factoring as a Service" used, appears to be what the clowns today are using: cado-nfs.gforge.inria.fr
6. As for what is safe? In 2003, the estimate for factoring 1024-bit RSA keys was $10M: cs.tau.ac.il/~tromer/papers…
iacr.org/archive/asiacr…

1024-bit RSA was already suspect 15 years ago.
7. Today, NIST thinks 2048-bit RSA keys will only be viable for ~10 more years: keylength.com/en/4/

The NSA explicitly says not to use 2048-bit RSA and to upgrade anything less than 3072-bit RSA: apps.nsa.gov/iaarchive/cust…
8. In fact, the NSA was going to deprecate RSA completely for ECC in 2015, but decided to just wait to move to quantum-resistant algorithms in one jump: apps.nsa.gov/iaarchive/cust…
9. In 2019, almost nobody should be using RSA for new projects. The exceptions are very rare and will have to upgrade soon anyway.
10. Fun 512-bit RSA factoring example: @brandonlwilson factored all the update signing keys for Texas Instruments graphing calculators maybe 10 years ago: brandonw.net/calculators/ke…
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Steve Weis
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!