|
November 10, 2013, 12:35:15 AM |
|
ECDSA 256 bit key only has 128 bits of security. Public key systems generally need larger keys to deliver the same key strength as symmetric encryption.
The same thing applies to hashing algorithms. For collisions and second pre-image resistance the bit strength of a hashing algorithm is half that of the digest length for 128 bits for SHA-256 and 80 bits for RIPEMD-160.
So there is no reduction in bits strength. Even if there was (assume Bitcoin used 512 bit ECDSA keys), 128 bit simply can't be brute forced, not at any cost, and not in any useful timeframe so any reduction would be academic at best.
Public key systems are more likely to be degraded in the future (due to mathematical relationship between the public and private key) and thus they are "hedged" by using larger key stengths to provide a "cushion" against improved cryptoanalysis.
|