The combination of symmetric encryption algorithms like AES and asymmetric encryption algorithms like RSA is what makes secure communication over the Internet possible. Basically, SSL uses the asymmetric algorithm to securely exchange a symmetric encryption key; it is then that symmetric key that actually encrypts all the data between your browser and the web server.
Think about it: what happens if you use a strong asymmetric key to exchange a weak symmetric key? What happens if you use a weak asymmetric key to exchange a strong symmetric key? That's right: if either key is weak, it doesn't matter which one, someone can decrypt the data and eavesdrop on your "secure" communication.
The trick to ensuring a given level of security is to use symmetric and asymmetric keys of equivalent strength. In general, an asymmetric key must be much larger than a symmetric key to offer the same strength. To remove the guesswork, I found an article from the NSA that lays out NIST recommendations for equivalent encryption key sizes. The article actually focuses on the newer elliptic curve asymmetric algorithms, which reduce the disparity between current symmetric and asymmetric key sizes.
| Symmetric Key Size (bits) | RSA and Diffie-Hellman Key Size (bits) | Elliptic Curve Key Size (bits) |
|---|---|---|
| 80 | 1024 | 160 |
| 112 | 2048 | 224 |
| 128 | 3072 | 256 |
| 192 | 7680 | 384 |
| 256 | 15360 | 521 |
It's definitely disturbing that the 1024-bit and even the 2048-bit RSA keys used today by major e-commerce sites and banks provide less than 128 bits of equivalent symmetric strength. It's common to see a 256-bit AES symmetric key exchanged using a 1024-bit RSA key pair. You and probably your bank think you're getting 256-bit encryption, but you really may only have 80 bits between you and hackers. With some hackers in control of hundreds of thousands of computers, it won't be long before they can crack such encryption with ease - if they aren't doing so already.
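The "weakest link" rule above is easy to check mechanically. The following is an added example, not code from the original post: it encodes the table above, credits an asymmetric key with the strength of the largest table row it reaches, takes the minimum across the symmetric and asymmetric halves of a hybrid configuration, and reports the asymmetric key size needed to match a given symmetric key. It also includes the GNFS running-time approximation from Lenstra and Verheul (the formula used in FIPS 140-2 implementation guidance, not something the post cites) to show why a 1024-bit RSA modulus lands at roughly 80 bits; the site names and configurations are constructed for the demonstration.

```python
import math

# Equivalent-strength table quoted in the post (NIST figures).
# Each row: (security strength in bits, RSA/DH modulus bits, EC key bits).
EQUIV = [
    (80, 1024, 160),
    (112, 2048, 224),
    (128, 3072, 256),
    (192, 7680, 384),
    (256, 15360, 521),
]

LN2 = math.log(2)


def _floor_strength(bits, column):
    """Largest table strength whose key size in `column` (1=RSA/DH, 2=EC) is <= bits."""
    best = 0
    for row in EQUIV:
        if bits >= row[column]:
            best = row[0]
    return best


def strength_of_rsa(modulus_bits):
    """Strength (bits) credited to an RSA or finite-field DH key, rounded down to a table row."""
    return _floor_strength(modulus_bits, 1)


def strength_of_ec(curve_bits):
    """Strength (bits) credited to an elliptic-curve key, rounded down to a table row."""
    return _floor_strength(curve_bits, 2)


def strength_of_symmetric(key_bits):
    """Assumption: a symmetric cipher such as AES delivers its full key length as strength."""
    return min(key_bits, 256)


def effective_strength(sym_bits, kex_kind, kex_bits):
    """Security of a hybrid scheme is the weaker of the key-exchange and bulk-cipher halves."""
    kex = strength_of_rsa(kex_bits) if kex_kind == "rsa" else strength_of_ec(kex_bits)
    return min(strength_of_symmetric(sym_bits), kex)


def recommend(sym_bits):
    """Smallest (RSA/DH bits, EC bits) from the table that matches a symmetric key size."""
    for strength, rsa_bits, ec_bits in EQUIV:
        if strength >= sym_bits:
            return rsa_bits, ec_bits
    return EQUIV[-1][1], EQUIV[-1][2]


def rsa_strength_estimate(modulus_bits):
    """Lenstra/Verheul GNFS approximation of RSA strength in bits (not from the post).

    strength = (1.923 * cbrt(ln n) * (ln ln n)^(2/3) - 4.69) / ln 2, with ln n = bits * ln 2.
    """
    ln_n = modulus_bits * LN2
    return (1.923 * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3) - 4.69) / LN2


# Constructed sample configurations (not real sites): bulk cipher key size and key-exchange key.
SAMPLE_CONFIGS = [
    {"site": "shop.example", "cipher_bits": 256, "kex": "rsa", "kex_bits": 1024},
    {"site": "bank.example", "cipher_bits": 128, "kex": "rsa", "kex_bits": 2048},
    {"site": "mail.example", "cipher_bits": 128, "kex": "ec", "kex_bits": 256},
]


def audit(configs):
    """Return (site, effective strength, True if the key exchange drags the cipher down)."""
    results = []
    for c in configs:
        eff = effective_strength(c["cipher_bits"], c["kex"], c["kex_bits"])
        results.append((c["site"], eff, eff < strength_of_symmetric(c["cipher_bits"])))
    return results


if __name__ == "__main__":
    for site, eff, mismatched in audit(SAMPLE_CONFIGS):
        flag = "MISMATCH" if mismatched else "ok"
        print(f"{site:14s} effective strength {eff:3d} bits  {flag}")
    print("RSA/EC key sizes needed for AES-256:", recommend(256))
    for bits in (1024, 2048, 3072):
        print(f"GNFS estimate for RSA-{bits}: {rsa_strength_estimate(bits):.1f} bits")
```

Running it flags the first configuration: a 256-bit AES key exchanged under RSA-1024 scores 80 bits, exactly the post's complaint, while the EC configuration is balanced at 128. The GNFS estimate returns about 80, 110 and 132 bits for 1024, 2048 and 3072-bit moduli, which is why the table rounds those to the 80, 112 and 128 security levels.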
Posted by JoshC at May 8, 2007 7:27 AM