Why 256 bit for a cryptocurrency is enough but 1024 bit for ssh is not?

1

If 256-bit private key is secure enough for Bitcoin and Ethereum then why people are moving from 1024 to 2048-bit RSA for day-to-day cryptographic operations (such as ssh) and even this can be not enough in a several decades?

Is checking that an ECDSA private key corresponds to a public address getting that(!) more time than checking that a RSA private key corresponds to a public key? It should be at least 2^768 times slower.

Or ECDSA gives that much less collisions?

Or there are some other reasons?

GameRaccoon

Posted 2018-01-14T13:53:41.150

Reputation: 41

Question was closed 2018-01-14T16:42:52.460

No answers