A theoretical question not depending on implementati开发者_如何学编程on, how much of a decrease in performance is 1024bit vs 4096bit RSA?
Thanks
According to RSA key lengths:
[...]
With every doubling of the RSA key length, decryption is 6-7 times times slower.
Figure 1 shows how decryption time increases with modulus length. The timings were made on a 2GHz Pentium.
The key length also affects the speed of encryption, but it's usually the speed of decryption that we're more concerned about because (a) that's the part that takes place on the server, and (b) decryption is much much slower than encryption, because the decryption exponent is huge (whereas the encryption exponent is typically small).
If we use a 4096-bit modulus, it takes around a second of CPU time to decrypt a block of data. Even if you were able to sacrifice this amount of CPU to every log on, it leaves us with the problem that an attacker can effectively burn a second of CPU time on our server by firing some random data at it. With a 1024-bit key length, decryption takes just 25 milliseconds; with suitable restrictions on the rate of login attemps (and thus decryptions) we allow per remote client, protecting against a "CPU burn" attack is more feasible.
精彩评论