
Also of note is that NIST recommends ephemeral Diffie-Hellman - not RSA - for key exchange.

For the exact same reason this post is written, because RSA keys do not scale linearly and become "expensive".

I honestly couldn't get through the rest of the article. If you don't think securing information is a high priority, then you probably work for Gawker.




EDH SSL still uses RSA.


Could you explain what causes RSA keys to "not scale linearly"? I don't seem to recall any part of the protocol being non-linear in the key length.


It was more in terms of comparison of security strength vs. key length. For example, 3072-bit RSA keys are equivalent in security strength to 128-bit symmetric keys. To reach 256-bit security strength equivalence, you need 15360-bit RSA keys. [1] (page 63)

1. http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-P...


I hadn't thought of it that way. Thanks for the clarification.


Also, I think my numbers are correct: for every doubling of key length in RSA, it is 8x more expensive to compute.



