> The National Institute of Standards and Technology (NIST) has issued a statement that says SSL certificates with a key length of 1,024 bits or fewer will be insufficient for security after December 31, 2010
> It is recommended that the algorithms and key sizes in the "Through 2030" row (e.g., 2048-bit RSA) should be used to provide the cryptographic protection
RSA keys are composite numbers. Bruteforcing them involves factoring, not trying 2^n possibilities. A bruteforce of a 1024-bit RSA key is possible to be published this decade and likely by 2030.
I think the suggestion of SSL being less secure was based on it possibly having some vulnerability or other (which, historically, has happened), not necessarily having to brute force it.
> It is recommended that the algorithms and key sizes in the "Through 2030" row (e.g., 2048-bit RSA) should be used to provide the cryptographic protection
http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-P...
1024 bit is impossible to bruteforce. Simply incrementing an integer 2^1024 times will take more energy than our whole universe has.
Heck, even 128 bit would take 3.1×10^19 years to bruteforce with that GPU setup. My citibank.com uses a 256-bit connection.
SSL is not "less secure" than my 30-character password (correction: 128-bit one is a bit less secure, but 256-bit one is much more secure).
If it were, all the banks would be freaking out and would shut down their web interfaces.
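Added example, not part of the thread: the comments above compare enumerating 2^n keys with factoring an RSA modulus, so this sketch estimates the factoring work for an n-bit modulus from the heuristic General Number Field Sieve running time. The function names are hypothetical and the o(1) term of the formula is dropped, so the figures are rough estimates, not measured costs.

```python
import math


def gnfs_work_bits(modulus_bits: int) -> float:
    """log2 of the heuristic GNFS cost exp(c * (ln n)^(1/3) * (ln ln n)^(2/3)),
    with c = (64/9)^(1/3), for a modulus n of the given bit length.
    Assumption: the o(1) term is ignored, so this is only a rough estimate."""
    ln_n = modulus_bits * math.log(2)
    c = (64 / 9) ** (1 / 3)
    work_nats = c * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return work_nats / math.log(2)


def enumeration_work_bits(key_bits: int) -> float:
    """log2 of the work to try every value of a key_bits-bit symmetric key."""
    return float(key_bits)


def min_modulus_bits(target_bits: float, step: int = 64) -> int:
    """Smallest modulus size (multiple of `step`, starting at 512) whose
    estimated factoring work reaches target_bits."""
    bits = 512
    while gnfs_work_bits(bits) < target_bits:
        bits += step
    return bits


def report(sizes=(512, 768, 1024, 2048, 3072)):
    """Rows of (modulus bits, estimated factoring work in bits, enumeration bits)."""
    return [(b, round(gnfs_work_bits(b), 1), enumeration_work_bits(b)) for b in sizes]


if __name__ == "__main__":
    print("modulus  factoring(log2)  counting-to-2^n(log2)")
    for bits, factoring, counting in report():
        print(f"{bits:7d}  {factoring:15.1f}  {counting:21.0f}")
    print("modulus size for ~128-bit factoring work:", min_modulus_bits(128))
```

The estimate grows far more slowly than the modulus length, which is why RSA sizes such as 1024 or 2048 bits are not directly comparable to 128-bit or 256-bit symmetric keys.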