4 comments

[ 2.9 ms ] story [ 15.0 ms ] thread
> ECC algorithms with smaller key sizes would be more vulnerable to a quantum attack, as it would require a currently theoretical quantum computer with fewer qubits than would be required for an RSA key with the same cryptographic strength [25].

This is what keeps me skeptical about ECC. RSA is really chunky, and maybe that's a fundamental advantage from an information theory perspective. Compromising on the crypto scheme because we can't fit inside UDP seems like a cursed path.

[25]: https://arxiv.org/abs/1706.06752

I find it silly to throw huge amounts of resources away worrying about quantum attacks that won't get burned on something as silly as this week's DNS if it happens to be protected at all. If you are making a 30 year root and/or document signing then worry.
> 864000 seconds (1 day)

Could use some proofreading.

I do wish these types of document were published as HTML and not just as PDF.