This Article 
 Bibliographic References 
 Add to: 
The Curse of Cryptographic Numerology
May/June 2011 (vol. 9 no. 3)
pp. 70-72
Ian Grigg, Financial Cryptographer
Peter Gutmann, University of Auckland
Cryptographic numerology states that as long as your encryption keys are at least "this big," you're fine, even if none of the surrounding infrastructure benefits from that size or even works at all. The significant slowdown arising from the application of cryptographic numerology will discourage the global uptake of cryptographically secured protocols because of the unnecessary crypto costs. Such an approach is making us less, not more, secure.

1. "RSA-155 Is Factored!" RSA Laboratories, 22 Aug. 1999;
2. T. Kleinjung et al., "Factorization of a 768-Bit RSA Modulus," report 2010/006, Cryptology ePrint Archive, 6 Jan. 2010;
3. R. Silverman, "A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths," RSA CryptoBytes Bulletins, no. 13, Apr. 2000;
4. A. Shamir, "Cryptology: A Status Report," Turing award lecture (video), 2002; http://awards.acm.orgcitation.cfm?id=0028491&aw=140&ao=AMTURING&yr=2002 .
5. P. Bright, "Independent Iranian Hacker Claims Responsibility for Comodo Hack," blog, 28 Mar. 2011; .
6. D. Geer, K.S. Hoo, and A. Jaquith, "Information Security: Why the Future Belongs to the Quants," IEEE Security & Privacy, vol. 1, no. 4, 2003, pp. 24–32.
7. "HTTPS Everywhere," Electronic Frontier Foundation; www.eff.orghttps-everywhere.

Index Terms:
cryptographic numerology, public-key algorithms, Secure Sockets Layer, computer security, cryptography
Ian Grigg, Peter Gutmann, "The Curse of Cryptographic Numerology," IEEE Security & Privacy, vol. 9, no. 3, pp. 70-72, May-June 2011, doi:10.1109/MSP.2011.69
Usage of this product signifies your acceptance of the Terms of Use.