cryptography - 基于 key 大小的 RSA 性能

Question

一个不依赖于实现的理论问题，1024 位与 4096 位 RSA 的性能下降多少？

谢谢

Answer 1

根据RSA key lengths :

[...]

With every doubling of the RSA key length, decryption is 6-7 times times slower.

Figure 1 shows how decryption time increases with modulus length. The timings were made on a 2GHz Pentium.

The key length also affects the speed of encryption, but it's usually the speed of decryption that we're more concerned about because (a) that's the part that takes place on the server, and (b) decryption is much much slower than encryption, because the decryption exponent is huge (whereas the encryption exponent is typically small).

If we use a 4096-bit modulus, it takes around a second of CPU time to decrypt a block of data. Even if you were able to sacrifice this amount of CPU to every log on, it leaves us with the problem that an attacker can effectively burn a second of CPU time on our server by firing some random data at it. With a 1024-bit key length, decryption takes just 25 milliseconds; with suitable restrictions on the rate of login attemps (and thus decryptions) we allow per remote client, protecting against a "CPU burn" attack is more feasible.