Cracking 1024 bit RSA keys

The next time someone raves about the advances of computing ask them about this challenge. Truly a benchmark for the next 100 years in computing a paper published by Adi Shamir and Eran Tromer entitled “On the Cost of Factoring RSA-1024” [pdf] hypothesizes a device which could “break a 1024-bit RSA key in one year using a devices whose cost is about $10M”. emphasis mine.
$10M is a sizable amount of start up cost so this type of power certainly isn’t going to fall into the hands of criminal organizations (maybe narco lords in South America) but defense agencies could certainly handle this type of cost. It isn’t difficult to imagine a scenario where a message is important enough to necessitate this type of effort. However advances such as perfect forward secrecy make even these herculean efforts less effective. Courts have been dealing with this issue in a different way. Some realize they can’t coerce a private key while others attempt to force decryption with the threat of jail time. My question is how well does Moore’s law really fit here? Using the simple 1/2 price in 1 year version of this axiom we can expect to crack 1024 bit keys with as little as $10k (in one year) 10 years from now.

Post a Comment

You must be logged in to post a comment.