On Fri, Apr 12, 2019 at 08:39:49AM -0400, Daniel Kahn Gillmor wrote: > But even taking the labeling of the "key space" as you've given it, if > your concern is that 1022 bits is too small of a key space (and it is, > given how sparse primes are!), then the right approach in 2019 is to use > 3072-bit keys (which you rightly point out are "only" choosing from a > 3070-bit "key space"), not to quibble about whether it ought to be OK to > select 2 as one of the factors. FWIW, RSA 1024bit keys have approximately 80bits of strength. RSA2048 is 112 bits (and is the minimum NIST requirement). RSA3072 is 128bit. -- rgds Stephen _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
