Re: [Cfrg] 1024 bit RSA

Peter Gutmann <> Sat, 05 November 2016 14:50 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5E83D1294E7 for <>; Sat, 5 Nov 2016 07:50:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.697
X-Spam-Status: No, score=-5.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id pLvj_fdzLomc for <>; Sat, 5 Nov 2016 07:50:15 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7FF5D1294A1 for <>; Sat, 5 Nov 2016 07:50:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=mail; t=1478357414; x=1509893414; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=9v3Mo8/akxCY01BALylTC8fBDrpGtCn4hYNJPewVEnk=; b=0FXyp2mvDJI8NXdqg3lmnYNfCyoWb5wBwY6PZbVpAafOVoLfaIurgpER P9VMIQAOPDGSMe0CO5yK2kOb5WOCtbD3ut92nt2RuTtYMh5lJBxZLOy8o KXosFLcy9OgU7LbQdJupjiqsQk83z8Qy/XZktY5dp5MH7kqhgQDC/GkPP Rj+OEOnsbcAHPYNWmcrUNqkM/4DUZOl+c9bU/bK7lhruzESQBWtBhDbZT UUbC4/kODgouDXbwadSzie/6WJb4Udkyn79Onwik85N1/S2RiXjJC09p1 sjmHszLLUA09Gv0D15Sc4tlR9RrQO+WgPvCsurLsP/I6Mo7cnV+Pa5Efb A==;
X-IronPort-AV: E=Sophos;i="5.31,597,1473076800"; d="scan'208";a="113688941"
X-Ironport-Source: - Outgoing - Outgoing
Received: from (HELO ([]) by with ESMTP/TLS/AES256-SHA; 06 Nov 2016 03:50:12 +1300
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1178.4; Sun, 6 Nov 2016 03:50:13 +1300
Received: from ([]) by ([]) with mapi id 15.00.1178.000; Sun, 6 Nov 2016 03:50:13 +1300
From: Peter Gutmann <>
To: Erik Andersen <>, Cfrg <>
Thread-Topic: [Cfrg] 1024 bit RSA
Thread-Index: AdI2ru4LNTqSoFCyQtexI2PQtTMFhAASx9AAAACZ7oAAHddvTA==
Date: Sat, 05 Nov 2016 14:50:13 +0000
Message-ID: <>
References: <005a01d236b0$4b247470$e16d5d50$> <20161105141754.3d34c2ac@pc1>,<001501d23769$6c8c1820$45a44860$>
In-Reply-To: <001501d23769$6c8c1820$45a44860$>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [Cfrg] 1024 bit RSA
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 05 Nov 2016 14:50:17 -0000

Erik Andersen <> writes:

>This proves to me that it wrong to leave the IT standardization to vendors.

I could say the same thing about cryptographers.  Both are in fact true,
because you don't want to leave standardisation to just one single group, you
need input based on both strong theoretical analysis and real-world experience
and considerations.

Unfortunately this very rarely happens, so you get the unfortunate situation
where the theory guys look over at the vendors and say "look at the mess
they're making of our fine design" and the vendors look at the theory guys and
say "this stuff doesn't do what we need, we'll have to come up with our own
way of doing it".

There's an IEC standard in the works that's a prime illustration of the latter