I know that the sizes are standardized to $1024$, $2048$ etc In the block you normally encrypt a random symmetric data key, which is used to encrypt the actual plain text. Its relationship to security level is more complex than in ecc It is hard to imagine very big numbers So what would be your way to explain the difference to someone who doesn't know much about cryptography? Is there much difference in security between the two
The security aspect is based on the fact that it's difficult to factor it back into p and q Now, since rsa keys are so large (often 1024 bits and above), the primes have to be at least half that (at least 512 bits then). Rsa encryption whose security is based on the infeasibility of solving the factoring of big primes problem and the elgamal encryption which is as secure as the discrete logarithmic problem The question is whether or not there are specific circumstances where you must use elgamal instead rsa and vice versa. As for the reasoning behind the larger key sizes for rsa, the explanation's not too difficult If you look at the document in the question, you will notice that the bits of security for block ciphers correlate almost perfectly with the size (in bits) of the keys for that block cipher (with rare exceptions).
OPEN
