Encryption Google

Google Starts Upgrading Its SSL Certificates To 2048-bit Keys

An anonymous reader writes "Google today announced it has already started upgrading all of its SSL certificates to 2048-bit keys. The goal is to beef up the encryption on the connections made to its services. Google says the upgrade, which includes the root certificate that the company uses to sign all of its SSL certificates, will be completed 'in the next few months.' Previously, however, Google was more specific and said it was aiming to finish the process by the end of 2013."
  • by Anonymous Coward on Tuesday July 30, 2013 @05:25PM (#44428685)

    If the NSA has the master key...

  • Not really. (Score:5, Informative)

    by Anonymous Coward on Tuesday July 30, 2013 @05:37PM (#44428827)

    The initial connection setup will be more processor intensive (4x?), but the actual communication isn't done with public/private key encryption. The public/private keys are only used to verify the identity of the server and to exchange a symmetric (AES128 often) key. After the setup, the rest of the transfer will be no more complex and so shouldn't load your PC any more than before.

  • by Anonymous Coward on Tuesday July 30, 2013 @05:47PM (#44428895)

    Actually...

    Me ----> (SSL) ----> Verisign ----> NSA ----> (SSL) ----> Google

  • Re:Older PCs (Score:5, Informative)

    by tlhIngan ( 30335 ) <slashdot.worf@net> on Tuesday July 30, 2013 @05:58PM (#44429007)

    I wonder how this'll affect older PCs? Aren't SSL communications with larger keys more processor-intensive than when using a smaller key?

    Hardly anything, actually. The actual amount of encryption and decryption done using the RSA2048 key is quite small - really only about 128 to 256 bits or so.

    Public key encryption is horrendously slow, too slow for modern usage, so what happens is the bulk encryption is done via a symmetric cipher, typically AES these days (previously it was 3DES or DES). Of course, for symmetric ciphers to work, you need to share a key. So what happens is the client generates a key for AES, encrypts it with the RSA2048 public key, and sends it to the server. The server decrypts the key using its RSA2048 private key and then communications take place via AES and that shared key.

    The change from RSA1024 to RSA2048 should have minimal impact since it's only done on session setup while the actual communications use the far faster and more secure AES algorithm.

    (Yes, public key encryption is weaker - you need more bits for the key to have the same level of protection as a symmetric cipher using way fewer bits.)

  • Re:Older PCs (Score:0, Informative)

    by Anonymous Coward on Tuesday July 30, 2013 @09:20PM (#44430499)

    Public key encryption is horrendously slow, too slow for modern usage, so what happens is the bulk encryption is done via a symmetric cipher, typically AES these days (previously it was 3DES or DES).

    No, no, no!

    Public key encryption relies on an asymmetric cipher. These ciphers are only good for *1* block size!! So if you are using a 2048 bit asymmetric cipher, you can only encrypt 2048 bits. That's ALL! 256 bytes. They are only used for exchange of symmetric keys and for authentication (like HMAC hashes). One key is used for encryption and another for decryption. This is why you cannot chain them like symmetric ciphers. So 1 block in size, tops.

    Symmetric keys are then used as stream ciphers. These are 128 bit or 256 bit long. They use things like CBC (Cipher Block Chaining), so one block's output is used as a hashing function for the next block's input, along with the secret symmetric key. The same key is used for encryption as for decryption.

    Public key crypto is for key exchange and authentication. Symmetric crypto is used for actual encryption. They are complementary, *not* in competition with each other.
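The hybrid scheme that tlhIngan's comment and the reply above both describe (one public-key operation wraps a short symmetric key, and every byte of payload goes through the symmetric cipher) is sketched below as an added, editorial example; it is not code from any commenter, from Slashdot or from Google. It assumes textbook RSA with no padding and a SHA-256 counter-mode keystream standing in for AES, so that it runs on the Python standard library alone; a real TLS stack pads the wrapped key (PKCS#1 v1.5 for RSA key exchange) and uses AES, and the function names (`rsa_keygen`, `hybrid_encrypt`, `stream_xor`, and so on) are hypothetical. The `rsa_operations` counter makes the comments' point concrete: it stays at 1 no matter how large the message is, which is why moving from 1024- to 2048-bit keys costs only at session setup.

```python
# Added illustration of hybrid encryption as described in the comments above:
# one public-key operation wraps a short symmetric key, everything else is
# symmetric. Textbook RSA (no padding) and a SHA-256 CTR keystream standing in
# for AES are used so the script needs only the standard library; neither is
# how a real TLS implementation does it.
import hashlib
import secrets

_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_probable_prime(n, rounds=20):
    """Miller-Rabin test; 'rounds' random bases give a negligible error rate."""
    if n < 2:
        return False
    for p in _SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    """Random odd candidate with the top bit set, retried until probably prime."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def rsa_keygen(bits=2048):
    """Return ((n, e), (n, d)); 2048 bits is the size the story is about."""
    e = 65537
    while True:
        p = random_prime(bits // 2)
        q = random_prime(bits - bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and phi % e != 0 and n.bit_length() == bits:
            return (n, e), (n, pow(e, -1, phi))

def rsa_encrypt_block(pub, m):
    """Textbook RSA on ONE integer block: the message must be smaller than n."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("RSA encrypts a single block smaller than the modulus")
    return pow(m, e, n)

def rsa_decrypt_block(priv, c):
    n, d = priv
    return pow(c, d, n)

def stream_xor(key, nonce, data):
    """Counter-mode keystream from SHA-256 (stand-in for AES-CTR); XOR is symmetric."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def hybrid_encrypt(pub, plaintext):
    """One RSA operation wraps a fresh 128-bit session key; bulk data is symmetric."""
    session_key = secrets.token_bytes(16)          # like an AES-128 key
    nonce = secrets.token_bytes(16)
    wrapped = rsa_encrypt_block(pub, int.from_bytes(session_key, "big"))
    return {
        "wrapped_key": wrapped,
        "nonce": nonce,
        "ciphertext": stream_xor(session_key, nonce, plaintext),
        "rsa_operations": 1,                       # independent of len(plaintext)
    }

def hybrid_decrypt(priv, envelope):
    session_key = rsa_decrypt_block(priv, envelope["wrapped_key"]).to_bytes(16, "big")
    return stream_xor(session_key, envelope["nonce"], envelope["ciphertext"])

if __name__ == "__main__":
    pub, priv = rsa_keygen(2048)                   # pure Python: takes a few seconds
    msg = b"constructed sample payload " * 4000    # roughly 100 KB of constructed data
    env = hybrid_encrypt(pub, msg)
    assert hybrid_decrypt(priv, env) == msg
    print("RSA operations for %d bytes: %d" % (len(msg), env["rsa_operations"]))
```

Running the script generates a 2048-bit key (slow in pure Python, which is itself a reminder of why the asymmetric step is kept to one operation), encrypts about 100 KB and reports a single RSA operation. Passing an integer at or above the modulus to `rsa_encrypt_block` raises, which is the "one block, tops" limit the second comment describes.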
