Re: 1024 bit key considered insecure (sshd)

From: Karsten W. Rohrbach (karsten@rohrbach.de)
Date: 08/29/02


Date: Thu, 29 Aug 2002 15:51:18 +0200
From: "Karsten W. Rohrbach" <karsten@rohrbach.de>
To: "Perry E. Metzger" <perry@piermont.com>


Perry E. Metzger(perry@piermont.com)@2002.08.29 09:30:17 +0000:
>
> "Karsten W. Rohrbach" <karsten@rohrbach.de> writes:
> > Perry E. Metzger(perry@piermont.com)@2002.08.29 02:08:27 +0000:
> > > I do. If someone with millions of dollars to spend on custom designed
> > > hardware wants to break into your computer, I assure you that
> > > increasing the size of your ssh keys will not stop them. Nor, for that
> >
> > you missed the concept behind crypto in general, i think. it's not about
> > stopping someone from accessing private resources, but rather making
> > that approach to make access to these resources /very/ unattractive, by
> > increasing the amount of time (and thus $$$) an attacker has to effort
> > to get access.
>
> I would have thought spending at least hundreds of millions of
> dollars and (as importantly) at least months of time would have been
> considered "unattractive" enough to encourage other methods of getting
> at your data like breaking in to your physical location. Silly me. I
> guess I missed the concept behind crypto.

wasn't meant as a personal assault. defining attractive/unattractive
strongly depends on the content you want to protect, sure. of course, at
some point gaining physical access becomes more attractive.

tracking the evolution of computing machinery nowadays, implementing
cryptanalysis in hardware becomes cheaper and faster at an amazing
speed. my wild guess is, that through the upcoming broad availability of
software programmable hardware that is available today, attacks to
crypto in general will become very cheap in a timeframe of months.

regards,
/k

-- 
> "It says he made us all to be just like him.  So if we're dumb, then
> god is dumb, and maybe even a little ugly on the side." --Frank Zappa
WebMonster Community Project -- Reliable and quick since 1998 -- All on BSD
http://www.webmonster.de/ - ftp://ftp.webmonster.de/ - http://www.rohrbach.de/
GnuPG:   0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4  A113 B393 6BF4 DEC9 48A6
REVOKED: 0x2964BF46 D/E 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
REVOKED: 0x4C44DA59 RSA F9 A0 DF 91 74 07 6A 1C  5F 0B E0 6B 4D CD 8C 44
My mail is GnuPG signed - Unsigned ones might be bogus - http://www.gnupg.org/
Please do not remove my address from To: and Cc: fields in mailing lists. 10x
