Profile picture
Steve Weis
@sweis
, 10 tweets, 4 min read Read on Twitter
RSA factoring recap since shady people are making dumb claims right now.

Caveat: They used to use decimal digits for RSA key lengths, so "RSA-100" was 330 bits.

1. 256-bit RSA keys were factorable in the 1980s. link.springer.com/content/pdf/10…
2. 512-bit RSA keys were factorable in 1999: iacr.org/archive/eurocr…
3. By 2012, you could factor 512-bit RSA keys to try to get a job interview: wired.com/2012/10/dkim-v…
4. By 2015, you could factor 512-bit RSA keys for $75 in 4 hours via an online service: seclab.upenn.edu/projects/faas/
5. The code that "Factoring as a Service" used, appears to be what the clowns today are using: cado-nfs.gforge.inria.fr
6. As for what is safe? In 2003, the estimate for factoring 1024-bit RSA keys was $10M: cs.tau.ac.il/~tromer/papers…
iacr.org/archive/asiacr…

1024-bit RSA was already suspect 15 years ago.
7. Today, NIST thinks 2048-bit RSA keys will only be viable for ~10 more years: keylength.com/en/4/

The NSA explicitly says not to use 2048-bit RSA and to upgrade anything less than 3072-bit RSA: apps.nsa.gov/iaarchive/cust…
8. In fact, the NSA was going to deprecate RSA completely for ECC in 2015, but decided to just wait to move to quantum-resistant algorithms in one jump: apps.nsa.gov/iaarchive/cust…
9. In 2019, almost nobody should be using RSA for new projects. The exceptions are very rare and will have to upgrade soon anyway.
10. Fun 512-bit RSA factoring example: @brandonlwilson factored all the update signing keys for Texas Instruments graphing calculators maybe 10 years ago: brandonw.net/calculators/ke…
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Steve Weis
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related threads

Profile picture
Ian Dunt
@IanDunt
Right well, the most historic day in parliament since the last one is about to kick off. You can follow along here parliamentlive.tv/Event/Index/ff…
I'll be covering it, ageing in real time, pretty much throughout, apart from when I dash out for vaping, Gregg's sausage rolls, and eventually probably gin and tonics.
Loads of shit to get through before the crucial debate. It's basically a timetable from the depths of hell.
Read 284 tweets
Profile picture
Tracybeanz
@tracybeanz
People in the media need to start underst. where the American people are. We are THRILLED that POTUS walked out of that meeting with Pelosi after what she pulled today. Stop feigning how appalled you are and begin to understand we KNOW you too are complicit in this coup attempt.
I am really outraged right now that all of a sudden these quasi representatives are screaming about working together. They are hanging on for dear life because they know what is about to hot and there is no way out. NO WAY OUT.
No amount of gaslighting will cover up the wrongdoing and it’s time to just understand that it’s over for you. It’s over. Hang tight, folks. The moments we have been waiting for are legitimately almost here.
Read 8 tweets
Profile picture
afrispheric
@afrispheric
People mocking Peter Obi for often using China as example of how Nigeria should grow are patently ignorant.

Within forty years, China has gone from a dirt poor country to the second largest economy in the world, lifting HUNDREDS OF MILLIONS of its citizens out of poverty.
China recorded CONSISTENT growth within that period.

It educated its citizens and attracted billions in foreign investments.

China in the process became the manufacturing capital of the world, a point that has huge implications.
As companies moved different levels of manufacturing to china, skills were transfered.

Those transfered skills are what was used to create the many indigenous Chinese companies that are now active outside of China.
Read 6 tweets
Profile picture
⚢⚧🌸The Sacrifice is Made🌸🧜🏾‍♀️🦋
@SakuraNoSeirei
Right then.

And so, finally, I get to turn my attention to the shambles that is the #FairPlay4Women guidance.

Hooray!!!

I'll be breaking up the posting times of this, so the whole thing will likely take a couple of hours to come through.

Stay awhile, and listen

1/n
But before we dive into the nitty gritty of what’s wrong with it (everything), let’s step back a bit and look at the big picture here. This is a consultation that is set up to look at the issue of making it easier for trans and intersex people to get a GRC to correct...

2/n
, or adjust, the initial info recorded on their birth certificate when it was first issued. That would be ALL trans and intersex people(and before you chime in with your usual bullshit, do you know what it is that actual intersex organisations say about trans people...

3/n
Read 102 tweets
Profile picture
Stealth Jeff
@drawandstrike
Dumb people not paying attention during the campaign have this idea Trump vowed to deport all the DACA kids or something.

It's not true. He NEVER said he'd deport them all. He said he'd overturn Obama's ILLEGAL EXECUTIVE ORDER that gave them temporary status.
Congress writes immigration law, NOT the President.

What Trump has always said is that as far as the DACA kids are concerned, it's Congresses job to deal with it. Obama did a power grab,

Trump will reverse it & finally let Congress do it's job on the issue.
But somehow this gets turned into absurd idea that Trump 'promised' he was gonna deport all the DACA kids to Mexico or something.

Why are people so stupid?

My mentions right now:

"TRUMP'S BREAKING HIS PROMISE TO DEPORT THE DACA KIDS! WAAAH WAAAAH!"
Read 13 tweets
Profile picture
Ellen Broad
@ellenbroad
Making me uneasy right now: tech "solutionism" extending to tech ethics. I've spoken to several tech teams, in different organisations, who are developing their own ethics principles/frameworks without doing any ethics research or engaging with ethicists. 1/
The terminology can be alienating, and there are rarely clear answers, but choosing not to acquaint yourself with the field at *all* in translating ethics for tech is...naive at best, arrogant/ignorant at worst.
I'm not an ethicist, but in the course of investigating AI ethics I've learnt *so much* from business ethicists, public service ethicists, classical ethicists. About how ethics principles have been applied and when things go wrong. These help me make my thoughts sharper.
Read 6 tweets

Trending hashtags

#computer #Else #WeThePeople #women #PrideMonth #WhyHideHundredsofCalls #Epstein #Tear #Bird #PascoProud #multiple #fight #proven #cliche #trumphotel #DEFLECTION #You #ChildTrafficking #Trump #Gelbwesten #2020Election #breakfast #Marcon #Beautiful #futureofwork
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!