> they estimated it would cost an attacker renting time on a commercial cloud service an average of $38 and 25 minutes to break a vulnerable 1024-bit key and $20,000 and nine days for a 2048-bit key
Can someone explain why a 2048-bit key isn't 2^1024 times as costly to break?
I don't know the answer, but since the vulnerability is because there is some structure in the chosen primes, you don't need to check all possibilities between 2^1024 and 2^2048. Only a known subset (i.e. a subset which is likely related to the 20,000/38 ratio)
Can someone explain why a 2048-bit key isn't 2^1024 times as costly to break?