LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

How do equivalent cryptographic key sizes compare across symmetric, RSA/DH, and ECC?

128-bit symmetric ≈ 3072-bit RSA/DH ≈ 256-bit ECC. The ratio is roughly Sym:RSA = 1:24 and Sym:ECC = 1:2, showing ECC's dramatic efficiency advantage.

Key-size scaling: RSA/DH versus ECC for equal security

* ECC grows about linearly with symmetric strength while RSA/DH balloons. *

Equivalent key size table (without quantum computers):

Symmetric (bits) RSA/DH $n$ (bits) ECC $p$ (bits) Sym:RSA Sym:ECC
56 512 112 1:9 1:2
80 1024 160 1:13 1:2
112 2048 224 1:18 1:2
128 3072 256 1:24 1:2
192 7680 384 1:40 1:2
256 15,360 512 1:60 1:2

Key observations:

  • The Sym:ECC ratio stays constant at about 1:2 — ECC scales linearly
  • The Sym:RSA ratio keeps growing — RSA key sizes explode as security increases
  • For 256-bit symmetric equivalent: RSA would need 15,360-bit keys (impractical), while ECC needs only 512 bits

Recommendation: Experts strongly recommend moving to ECC, noting that increasing RSA beyond 3072 bits becomes "difficult to justify."

Important note: DH discrete log records trail RSA factoring records by a few years — when RSA of size $n$ bits is broken, DH with the same $n$ bits is broken shortly after.

Go deeper:

From Quiz: KRYPTOG / Diffie-Hellman and ElGamal | Updated: Jul 14, 2026