Researchers broke down the cost of the practical factorization attack to $76 for the 1024-bit key and $40,000 for the 2048-bit key, both running on an Amazon AWS c4 computation instances. But they said a 4096-bit RSA key is not practically factorizable now, but “may become so, if the attack is improved.

According to Researcher, The following key length ranges are now considered practically factorizable->> 512 to 704 bits, 992 to 1216 bits and 1984 to 2144 bits.

Note that 4096-bit RSA key is not practically factorizable now, but may become so, if the attack is improved.

“The actual impact of the vulnerability depends on the usage scenario, availability of the public keys and the lengths of keys used. We found and analyzed vulnerable keys in various domains including electronic citizen documents, authentication tokens, trusted boot devices, software package signing, TLS/HTTPS keys and PGP. The currently confirmed number of vulnerable keys found is about 760,000 but possibly up to two to three magnitudes more are vulnerable”. Researcher said.