Date: Jan 4, 2013 7:04 AM
Author: David Bernier
Subject: Re: Is factorization of big primeproducts a solved problem YET?
On 01/04/2013 12:01 AM, JT wrote:

> Does the RSA challenges have a given time complexity of factoring the

> primeproduct, or did they have one that changed during resent years?

The RSA challenge numbers are still available somewhere.

The contests for prize money has been discontinued.

I think many remain unfactored, as far as the general

public knows, i.e. outside cryptologic agencies and

government cipher schools.

They would deliberately choose n = p*q, p, q odd primes

with the digit length of p and q being about half that

of the composite number `n'. Other criteria were involved

to exclude the existence of so-called weak prime factors,

meaning those where a kown deterministic algorithm could do

a lot better than average, roughly speaking.

512-bit composites are now old hat. 512+256 = 768.

768-bit composites aren't exactly old hat, but for some

applications, private RSA keys should last 5 years or more,

preferably against millionaire or billionaire enemies.

AFAIK, 2048-bit composites are deemed to be secure

against lots of folk for a dozen years or more, something

like that.

I don't see many <= 1024-bit public keys in SSL

certificates ...

dave