Comparison of cryptographic strength

Home

This table appears in NIST Special Publication 800-57 from July 2012 titled 'Recommendation for Key Management – Part 1: General(Revision 3)'.  This table is about classical security.

Symmetric

Elliptic

DH or RSA

80

163-223

1024

112

224-255

2048

128

256-383

3072

192

384-511

7680

256

 512+

15360


The classical security of curve25519  is 128 bits and matches that of a 3072 bit RSA/Diffie-Hellman public key.

According to the authors of SIDH p751 public keys their post-quantum security is "matching the post-quantum security of AES192" - this refers to NIST's Quantum Security Strength Categories III .

Home