提出问题
对称加密的位数?
非对称加密的位数?
Hash 算法的位数?
分析问题
1 | >>> 2 ** 65 |
1 | 1044388881413152506691752710716624382579964249047383780384233483283953907971557456848826811934997558340890106714439262837987573438185793607263236087851365277945956976543709998340361590134383718314428070011855946226376318839397712745672334684344586617496807908705803704071284048740118609114467977783598029006686938976881787785946905630190260940599579453432823469303026696443059025015972399867714215541693835559885291486318237914434496734087811872639496475100189041349008417061675093668333850551032972088269550769983616369411933015213796825837188091833656751221318492846368125550225998300412344784862595674492194617023806505913245610825731835380087608622102834270197698202313169017678006675195485079921636419370285375124784014907159135459982790513399611551794271106831134090584272884279791554849782954323534517065223269061394905987693002122963395687782878948440616007412945674919823050571642377154816321380631045902916136926708342856440730447899971901781465763473223850267253059899795996090799469201774624817718449867455659250178329070473119433165550807568221846571746373296884912819520317457002440926616910874148385078411929804522981857338977648103126085903001302413467189726673216491511131602920781738033436090243804708340403154190336L |
上面这个数是一个 1234 位的数,但是它的 key size or key length 却是 4096 位的。
解决问题
英语里,十进制数字的位数用 digit 来表示,二进制数字的位数用 bit 来表示。
With a key of length n bits, there are 2 power n possible keys.
Hash Function 中一般指的是 Output size (bits),例如,SHA-512,指的是 Output size 是 512 bits 的。
asymmetric 和 symmetric algorithm 中 key size 的简单换算关系。
For example, the security available with a 1024-bit key using asymmetric RSA is considered approximately equal in security to an 80-bit key in a symmetric algorithm (Source: RSA Security).
RSA key 的长度目前为多少是合适的?
As of 2003 RSA Security claims that 1024-bit RSA keys are equivalent in strength to 80-bit symmetric keys, 2048-bit RSA keys to 112-bit symmetric keys and 3072-bit RSA keys to 128-bit symmetric keys.[citation needed] RSA claims that 1024-bit keys are likely to become crackable some time between 2006 and 2010 and that 2048-bit keys are sufficient until 2030.[citation needed] An RSA key length of 3072 bits should be used if security is required beyond 2030.[12] NIST key management guidelines further suggest that 15360-bit RSA keys are equivalent in strength to 256-bit symmetric keys.[13]
RSA claims that 1024-bit keys are likely to become crackable some time between 2006 and 2010 and that 2048-bit keys are sufficient until 2030.
RSA 已经声明 1024 位不安全了,现在推荐的是 2048 位(2030 年之前)。