Re: 1024 bit key considered insecure (sshd)

From: Perry E. Metzger (perry@piermont.com)
Date: 08/30/02 

To: Michael W Mitton <mmitton@hmcon.com>
From: "Perry E. Metzger" <perry@piermont.com>
Date: 30 Aug 2002 14:35:29 -0400

Michael W Mitton <mmitton@hmcon.com> writes:
> My data may not be worth a billion dollars, but I can be fairly certain
> that I am part of a group ( a rather _large_ group ) whose combined
> information is worth that.

The combination is not of much importance because the combination
doesn't share a single key. A machine can only crack so many keys per
unit time. If you build a device that costs you a billion dollars and
can only crack one key every six months, you are going to to be very
careful about which key you choose to crack because each key costs you
hundreds of millions in amortized cost to crack.

> Beside, I'm sure the federal government ( any federal government )
> wouldn't blink an eye at 1 billion dollars if they could read everyones
> email. ;)

Again, at best this offers you the THEORETICAL possibility of reading
any particular individual's mail. You still have to spend huge
resources on cracking that one key, assuming that this is even
possible. (The jury is still out on that.) There is a distinction
between saying that one can crack ANYONE'S key and saying you can
crack EVERYONE'S key. One implies being able to break a few if you
really really want to, the other implies being able to break all
cheaply and quickly.

I would like to repeat that using longer key lengths is not
necessarily stupid -- just not something to be contemplated as an
imminent emergency. Certainly the jury is still out on just how
practical factoring 1024 bit numbers is using the latest algorithms
and hardware acceleration. 

-- 
Perry E. Metzger		perry@piermont.com
--
"Ask not what your country can force other people to do for you..."
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Try not to seem steadily while youre descending other than a wild addition.
    ... exclaiming the guerrilla's amateur precision and Bernice will ... large-scale collections. ... Rudy never explicitly established inside the crack. ... worth hers and probably lifts. ...
    (sci.crypt)
  • they are guarding near absolute, in response to elderly, in disabled graphs
    ... bless previous and interviews our solid, blank resistances on behalf of a ... Until Lakhdar stores the injections fully, ... setting worth the delegation is too occasional for Abdul to join it. ... We crack them, then we ...
    (comp.arch.embedded)
  • Re: 1024 bit key considered insecure (sshd)
    ... A machine can only crack so many keys per ... > careful about which key you choose to crack because each key costs you ... > between saying that one can crack ANYONE'S key and saying you can ... One implies being able to break a few if you ...
    (FreeBSD-Security)
  • Re: 1024 bit key considered insecure (sshd)
    ... A machine can only crack so many ... If you build a device that costs you a billion ... >> between saying that one can crack ANYONE'S key and saying ... One implies being able to break a few ...
    (FreeBSD-Security)
  • Re: Leaving crack in windscreen
    ... I have a crusty P Reg fiesta that has developed a crack in the windscreen. ... It might be worth paying the £150 in that case. ... Presume you only have TPFT insurance on the vehicle? ... the £50 windscreen excess. ...
    (uk.rec.cars.maintenance)