tag:blogger.com,1999:blog-37798047.post4140409601886774787..comments2021-01-25T11:47:18.922-05:00Comments on Errata Security: DH-1024 in Bitcoin termsDavid Maynorhttp://www.blogger.com/profile/09921229607193067441noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-37798047.post-70373896059759077302015-10-16T18:30:33.510-04:002015-10-16T18:30:33.510-04:00I recall an old RSA paper from 10+ years ago defen...I recall an old RSA paper from 10+ years ago defending RSA key strength versus Elliptic Curve methods. The argument was that while the processing requirements were correct about RSA key length, you needed some obscene amount of RAM to factor RSA 1024. Were some new methods of factoring invented that aren't RAM intensive?Georgehttps://www.blogger.com/profile/10128704008699660671noreply@blogger.comtag:blogger.com,1999:blog-37798047.post-15991249633708814922015-10-16T11:30:17.249-04:002015-10-16T11:30:17.249-04:00Unless you can precompute Diffie-Hellman by perfor...Unless you can precompute Diffie-Hellman by performing nothing but SHA256 hashing, Bitcoin ASICs will be of no use in this endeavor.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-37798047.post-70848111711610888842015-10-16T09:12:10.448-04:002015-10-16T09:12:10.448-04:00I once wrote a passphrase generator with strength ...I once wrote a passphrase generator with strength estimator (at https://github.com/kravietz/passphrase.today) and after looking at different methods of password strength estimation I've ended up just calculating "how long would it take to crack using today's BTC hash rate". I find it a very reasonable estimate of current humanity's computational power and you can also pretty well estimate the cost of reproducing that cost for any other hash or crypto algorithm using average prices of mining rigs on the market.Anonymousnoreply@blogger.com