Cryptography by the Numbers

NIST Recommendations
  • Modes of operation for block ciphers approved by NIST (source, updated February 12, 2018)
    • Encryption:  6
    • Authentication:  1
    • Encryption with Authentication:  5
    • Format-Preserving Encryption:  2
  • Minimum key sizes approved by NIST (source, published January 2016)
    • AES:  128 bits
    • Diffie-Hellman:  2048 bits (617 digits)
    • RSA:  2048 bits (617 digits)
    • Digital Signature Algorithm:  2048 bits (617 digits) for public key, 224 bits (68 digits) for private key
    • Elliptic Curve Cryptography:  224 bits (68 digits)
Record-Breaking Computations
  • Record for factoring a product of two large primes of general form (source, announced February 28, 2020):

= 2140324650240744961264423072839333563008614715144755017797754920881418023447140136643345519095804679610992851872470914587687396261921557363047454770520805119056493106687691590019759405693457452230589325976697471681738069364894699871578494975937497937
= 64135289477071580278790190170577389084825014742943447208116859632024532344630238623598752668347708737661925585694639798853367
×
33372027594978156556226010605355114227940760344767554666784520987023841729210037080257448673296881877565718986258036932062711
(“RSA-250“, 829 bits, 250 digits)

  • Record for finding a discrete logarithm modulo a prime (source, announced December 2, 2019):

p = RSA-240 + 49204 (the first safe prime above “RSA-240“, 795 bits, 240 digits)

774356626343973985966622216006087686926705588649958206166317147722421706101723470351970238538755049093424997
≡ 592603135928144195363094955331732855502961099191437611616729420475898744562365366788100548099072093487548258752802923326447367244150096121629264809207598195062213366889859186681126928982506005127728321426751244111412371767375547225045851716
(mod p)

  • Record for finding a discrete logarithm in a finite field (source, announced July 10, 2019):  Finite field has 230750 elements; size of the field is 30750 bits (14672 digits).
    The finite field was obtained by taking polynomials in two variables, x and t, and reducing them modulo t30 t + 1, modulo x1025 x + t3, and modulo 2.The challenge was to take the logarithm of

    \displaystyle \sum_{i=0}^{30749} \left( \lfloor \pi \cdot 2^{i+1} \rfloor \bmod{2} \right) \cdot t^{29 - (i \bmod{30})} \cdot x^{\lfloor i / 30 \rfloor}

    with respect to the generator g  =  x + t9 .

  • Record for finding a discrete logarithm on an elliptic curve of general form modulo p (source, announced June 16, 2020):

p = 2256 – 232 – 29 – 28 – 27 – 26 – 24 – 1 = 115792089237316195423570985008687907853269984665640564039457584007908834671663

A ≡ 31464123230573852164273674364426950 (mod p)

The logarithm was from the 100 BTC Bitcoin Challenge and was specified to have at most 115 bits (35 digits).

  • Record for finding the shortest vector in a randomly generated lattice (source, announced May 12, 2020):  A point in a lattice in 170 dimensions which is distance 3438 from the origin.
Quantum Computing Records
  • Largest number reported factored using Shor’s Algorithm for fast quantum computing:  21  (source, published October 21, 2012)
  • Largest number reported factored using quantum computation at any speed:  249919 (source, published December 5, 2018)
Quantum Cryptography Records
  • Fastest quantum key agreement systems:
    • Medium-distance:  1.02 Mbit/s over 20 km of optical fiber (source, published October 30, 2008)
    • Long-distance:  12.7 kbit/s over 307 km of optical fiber (source, published February 9, 2015)
  • Longest quantum key agreement systems:
    • Fiber-optic:  404 km (source, published November 2, 2016)
    • Ground-to-ground: 144 km (source, published January 5, 2007)
    • Air-to-ground: 20 km (source, published March 31, 2013)
    • Ground-to-air:  10 km (source, published June 6, 2017)
    • Satellite-to-ground:  1200 km (source, published September 7, 2017)
Post-Quantum Cryptography
  • Submissions to the NIST Post-Quantum Cryptography Standardization process (source, presented April 11, 2018)
    • Submissions received by NIST:  82
    • Submissions meeting minimum specified requirements:  69
    • Submissions still in contention as of the First PQC Standardization Conference:  64
    • Submitters involved: 278, from “25 Countries, 16 States, 6 Continents”
  • Submissions surviving to Round 2 of the NIST Post-Quantum Cryptography Standardization process (source, announced January 20, 2019)
    • Public-key encryption and key-establishment algorithm: 17
    • Digital signature algorithms: 9
    • 2nd NIST PQC Standardization Workshop:  August 22-24, 2019
  • Submissions surviving to Round 3 of the NIST Post-Quantum Cryptography Standardization process (source, announced July 22, 2020)
    • “Finalists”
      • Public-key encryption and key-establishment algorithm: 4
      • Digital signature algorithms: 3
    • “Alternates”
      • Public-key encryption and key-establishment algorithm: 5
      • Digital signature algorithms: 3
    • 3rd NIST PQC Standardization Conference:  2021
  • Draft standards available:  2022-2024
Lightweight Cryptography
  • Submissions to the NIST Lightweight Cryptography Standardization process (source, updated April 19, 2019)
    • Submissions received by NIST:  57
    • Submissions meeting minimum specified requirements:  56
  • Submissions surviving to Round 2 of the NIST Lightweight Cryptography Standardization process (source, announced August 30, 2019)
    • Round 2 candidate submissions:  32
    • 3rd NIST Lightweight Cryptography Workshop:  November 4-6, 2019
    • 4th NIST Lightweight Cryptography Workshop (virtual):  October 19-21, 2020
  • Announcement of the Finalists:  December 2020