Anatomy of a change – Google announces it will double its SSL key sizes

A posting from Naked Security on Google announces it will double its SSL key sizes:

Google just announced that its HTTPS web pages will be ditching 1024-bit RSA keys in favour of 2048 bits.

“Pah,” I hear you say. “I have one or two questions about that – three questions, in fact.”

  1. How is this newsworthy when many other web properties have already made the switch to 2048 bits? (Kim “Big Fella” Dotcom’s, for example.)
  2. Why switch if 1024 bits is much bigger than the largest RSA key yet known to have been cracked, at 768 bits?
  3. Why the fuss about 1024 bits anyway, if just 128 bits is considered more than enough for other encryption algorithms, such as AES?

Let’s start at the end: why thousands of bits of RSA key but only hundreds for AES?

To read more click here: 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.