提出问题

  • 对称加密的位数?

  • 非对称加密的位数?

  • Hash 算法的位数?

分析问题

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
>>> 2 ** 65
36893488147419103232L
>>> 2 ** 1024
17976931348623159077293051907890247336179769789423065727343008115773267580550096
31327084773224075360211201138798713933576587897688144166224928474306394741243777
67893424865485276302219601246094119453082952085005768838150682342462881473913110
540827237163350510684586298239947245938479716304835356329624224137216L
>>> 2 ** 4096
10443888814131525066917527107166243825799642490473837803842334832839539079715574
56848826811934997558340890106714439262837987573438185793607263236087851365277945
95697654370999834036159013438371831442807001185594622637631883939771274567233468
43445866174968079087058037040712840487401186091144679777835980290066869389768817
87785946905630190260940599579453432823469303026696443059025015972399867714215541
69383555988529148631823791443449673408781187263949647510018904134900841706167509
36683338505510329720882695507699836163694119330152137968258371880918336567512213
18492846368125550225998300412344784862595674492194617023806505913245610825731835
38008760862210283427019769820231316901767800667519548507992163641937028537512478
40149071591354599827905133996115517942711068311340905842728842797915548497829543
23534517065223269061394905987693002122963395687782878948440616007412945674919823
05057164237715481632138063104590291613692670834285644073044789997190178146576347
32238502672530598997959960907994692017746248177184498674556592501783290704731194
33165550807568221846571746373296884912819520317457002440926616910874148385078411
92980452298185733897764810312608590300130241346718972667321649151113160292078173
8033436090243804708340403154190336L
>>>
1
1044388881413152506691752710716624382579964249047383780384233483283953907971557456848826811934997558340890106714439262837987573438185793607263236087851365277945956976543709998340361590134383718314428070011855946226376318839397712745672334684344586617496807908705803704071284048740118609114467977783598029006686938976881787785946905630190260940599579453432823469303026696443059025015972399867714215541693835559885291486318237914434496734087811872639496475100189041349008417061675093668333850551032972088269550769983616369411933015213796825837188091833656751221318492846368125550225998300412344784862595674492194617023806505913245610825731835380087608622102834270197698202313169017678006675195485079921636419370285375124784014907159135459982790513399611551794271106831134090584272884279791554849782954323534517065223269061394905987693002122963395687782878948440616007412945674919823050571642377154816321380631045902916136926708342856440730447899971901781465763473223850267253059899795996090799469201774624817718449867455659250178329070473119433165550807568221846571746373296884912819520317457002440926616910874148385078411929804522981857338977648103126085903001302413467189726673216491511131602920781738033436090243804708340403154190336L

上面这个数是一个 1234 位的数,但是它的 key size or key length 却是 4096 位的。

解决问题

英语里,十进制数字的位数用 digit 来表示,二进制数字的位数用 bit 来表示。

With a key of length n bits, there are 2 power n possible keys.

Hash Function 中一般指的是 Output size (bits),例如,SHA-512,指的是 Output size 是 512 bits 的。

  • asymmetric 和 symmetric algorithm 中 key size 的简单换算关系。

    For example, the security available with a 1024-bit key using asymmetric RSA is considered approximately equal in security to an 80-bit key in a symmetric algorithm (Source: RSA Security).

  • RSA key 的长度目前为多少是合适的?

    As of 2003 RSA Security claims that 1024-bit RSA keys are equivalent in strength to 80-bit symmetric keys, 2048-bit RSA keys to 112-bit symmetric keys and 3072-bit RSA keys to 128-bit symmetric keys.[citation needed] RSA claims that 1024-bit keys are likely to become crackable some time between 2006 and 2010 and that 2048-bit keys are sufficient until 2030.[citation needed] An RSA key length of 3072 bits should be used if security is required beyond 2030.[12] NIST key management guidelines further suggest that 15360-bit RSA keys are equivalent in strength to 256-bit symmetric keys.[13]

    RSA claims that 1024-bit keys are likely to become crackable some time between 2006 and 2010 and that 2048-bit keys are sufficient until 2030.

    RSA 已经声明 1024 位不安全了,现在推荐的是 2048 位(2030 年之前)。

参考文献