Yep, well, for now I'll just stick to 1024 (while we are still testing) and will try and find out more. I would really like to get hold of some kind of guidelines for choosing key sizes for different algorithms but I seem to be unable to find any. And anyway, what defines secure? For one, take SHA, it is computationally infeasible to construct two strings that hash to the same value, but it is still possible - but it is so unlikely to succeed (1/2^160 to get a string to hash to a specific value, about 1 * 10 ^ -50 iirc) that I for one would not bother trying. RSA keys are however not quite the same, the private components must be prime, and thus there are not truly 2 ^ 1024 possible keys. In addition you would like to stay away from boundaries (would prefer to have an approximately equal number of 0's and 1's). So the question remains, how do you pick the key sizes?