On 03/13/2015 04:54 PM, Jean-Christophe PLAGNIOL-VILLARD wrote:
>>> if you can break rsa4096, the chance you can break ECC are high too
>>
>> If you want to open the box, today you would probably not break
>> rsa2048/sha1 (unless you have huge calculation power) but look for
>> implementation weaknesses, like bugs or side channel attacks.
> 
> I alredy see it done on rsa1024 few years ago, today rs2048 is supposedly
> secured but as you hw may have to run for 10 years rs2048/sha1 is considered not
> strong enough

Some thoughts on 2048 vs. 4096:
https://www.yubico.com/2015/02/big-debate-2048-4096-yubicos-stand/

While sha1 is considered broken.

Marc

-- 
Pengutronix e.K.                  | Marc Kleine-Budde           |
Industrial Linux Solutions        | Phone: +49-231-2826-924     |
Vertretung West/Dortmund          | Fax:   +49-5121-206917-5555 |
Amtsgericht Hildesheim, HRA 2686  | http://www.pengutronix.de   |