I got asked this question today and I didn't know the answer, AES-128 is considered secure, the key size is 2^128, so you would need in average 2^127 tries to break the key. Why does RSA need at least a 1024-bit modulus to be considered secure, If we consider a bruteforce attack on the private exponent, it would take 2^1019 tries (lets consider the private exponent is 1020-bit in length). Is the difference because of a much less complex attack that exists on RSA but doesn't exist in AES?
Asked
Active
Viewed 1,769 times
1 Answers
1
It's because with the key to determining the secret private key in RSA is to factor the public modulus into its two prime factors p and q and need a very large number (2^1024, 2^2048) to make this is computationally difficult.
HeatfanJohn
- 342
- 6
- 18