Re: 1024 bit key considered insecure (sshd)

From: Perry E. Metzger (perry@piermont.com)
Date: 08/29/02 

To: "Karsten W. Rohrbach" <karsten@rohrbach.de>
From: "Perry E. Metzger" <perry@piermont.com>
Date: 29 Aug 2002 09:30:17 -0400

"Karsten W. Rohrbach" <karsten@rohrbach.de> writes:
> Perry E. Metzger(perry@piermont.com)@2002.08.29 02:08:27 +0000:
> > I do. If someone with millions of dollars to spend on custom designed
> > hardware wants to break into your computer, I assure you that
> > increasing the size of your ssh keys will not stop them. Nor, for that
>
> you missed the concept behind crypto in general, i think. it's not about
> stopping someone from accessing private resources, but rather making
> that approach to make access to these resources /very/ unattractive, by
> increasing the amount of time (and thus $$$) an attacker has to effort
> to get access.

I would have thought spending at least hundreds of millions off
dollars and (as importantly) at least months of time would have been
considered "unattractive" enough to encourage other methods of getting
at your data like breaking in to your physical location. Silly me. I
guess I missed the concept behind crypto. 

-- 
Perry E. Metzger		perry@piermont.com
--
"Ask not what your country can force other people to do for you..."
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: 1024 bit key considered insecure (sshd)
    ... >> hardware wants to break into your computer, I assure you that ... >> increasing the size of your ssh keys will not stop them. ... > stopping someone from accessing private resources, ... I believe his point is that increasing the costs of the hardware ...
    (FreeBSD-Security)
  • Re: X509 question
    ... X9.42 DH and OAEP with AES. ... certificates for an algorithm that provided no advantages over RSA, ... and no hardware (either crypto accelerators or smart cards) supported it ...
    (sci.crypt)
  • Re: Hyper-Threading Vulnerability
    ... You're asking the crypto ... >> to avoid a microarchitectural problem with Intel's HT implementation. ... The cache line information leak is just a information leak ... of the hardware as well as the software. ...
    (Linux-Kernel)
  • Re: Wikipedia "Cryptography" reaches Featured Article status
    ... John K. Taber wrote: ... I wish to comment solely on the question of DES in hardware or software. ... The regulations implement the more general enabling legislation, the Arms Export Control Act, if I remember its title correctly. ... There are examples of encryption systems being broken by bypassing the crypto so the message is sent in plaintext. ...
    (sci.crypt)
  • Re: Wikipedia "Cryptography" reaches Featured Article status
    ... I wish to comment solely on the question of DES in hardware or software. ... The idea behind the Act is to give the Executive bargaining ... broken by bypassing the crypto so the message is sent in plaintext. ...
    (sci.crypt)