Can't tell if my Yes bet is me being optimistic for quantum computers or pessimistic about crypto

Define broken!

@Retr0id good question - we'll work on that as they work on cracking it. right now, based on wide mainstream news and peer review most likely.

@strutheo RSA, as initially presented in 1977, is already broken.

http://people.csail.mit.edu/rivest/Rsapaper.pdf - they recommend key length of "200 decimal digits", corresponding to ~664 bits, which is now well within the range of what we can factor using classical computers.

@Retr0id what version of rsa is currently in use?

@strutheo The current recommendations are typically 2048 bits minimum

@Retr0id ok then i guess we'll say rsa-2048

or if we keep advancing versions, i guess we need to specify the 'latest version' of rsa in widespread use?

@strutheo probably makes the most sense to fix it to rsa-2048 (or maybe rsa-4096 if you're feeling generous), otherwise we can ratchet up the key length ad infinitum. I'd say RSA has already fallen out of widespread use - we mostly use EC now.

@Retr0id are EC in widespread use for email clients and on mobile devices? i guess i havent read up on it since college

@strutheo This is a fun question btw - I'm quite confident RSA will stay strong in practice until we have big quantum computers, but nobody really knows how long that'll take - some say years, some say decades or more. On the other hand, I'm pessimistic about btc in the medium-to-long term, so who knows.

@strutheo yeah EC is favoured especially on mobile devices, because it's typically faster and/or more efficient

@Retr0id ok lets assume this is RSA-2048 then!

@Retr0id if you want more fun.... /strutheo/what-will-happen-before-rsa-encrypt