Re: 160-bit key limit



yawnmoth <terra1024@xxxxxxxxx> wrote:
> I thought that the maximum key size was whatever the modulo for the
> diffie-hellman key exchange was. If you're using
> diffie-hellman-group1-sha1, that'd be 1024 bits. I don't see where SHA-1
> factors into it.

SHA-1 is used _after_ the key exchange, to convert the output of the
key exchange into the session keys used to do the actual bulk
symmetric data encryption. (This is the meaning of `sha1' in the key
exchange method name you quote.)
--
Simon Tatham "I'm going to pull his head off. Ear by ear."
<anakin@xxxxxxxxx> - a games teacher
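
As an added illustration (not part of the original post), this sketch follows the key derivation of RFC 4253 section 7.2 for a SHA-1 based exchange such as diffie-hellman-group1-sha1: the shared secret K and exchange hash H are fed through SHA-1 to produce every session key, 20 bytes (160 bits) per hash call. K, H and the session id are constructed sample values, and the function names are hypothetical.

```python
import hashlib

def sha1(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()

def mpint(n: int) -> bytes:
    """SSH 'mpint' encoding (RFC 4251 section 5) of a non-negative integer."""
    if n == 0:
        return b"\x00\x00\x00\x00"
    # One extra leading zero byte when the top bit would otherwise be set.
    body = n.to_bytes(n.bit_length() // 8 + 1, "big")
    return len(body).to_bytes(4, "big") + body

def derive_key(K: int, H: bytes, letter: bytes, session_id: bytes, nbytes: int) -> bytes:
    """RFC 4253 section 7.2 with HASH = SHA-1.

    K1 = HASH(K || H || letter || session_id)
    K2 = HASH(K || H || K1), K3 = HASH(K || H || K1 || K2), ...
    key = first nbytes of K1 || K2 || K3 || ...
    """
    prefix = mpint(K) + H
    out = sha1(prefix + letter + session_id)
    while len(out) < nbytes:
        out += sha1(prefix + out)
    return out[:nbytes]

# Constructed sample values (not from a real session): a DH shared secret of
# up to 1024 bits and a 20-byte exchange hash.
K = int.from_bytes(hashlib.sha256(b"constructed shared secret").digest() * 4, "big")
H = sha1(b"constructed exchange hash")
SESSION_ID = H  # for the first key exchange, session_id is that exchange's H

# Letters assigned by RFC 4253 section 7.2.
USES = {b"A": "IV c->s", b"B": "IV s->c", b"C": "cipher key c->s",
        b"D": "cipher key s->c", b"E": "MAC key c->s", b"F": "MAC key s->c"}

if __name__ == "__main__":
    for letter, use in USES.items():
        key = derive_key(K, H, letter, SESSION_ID, 32)  # e.g. a 256-bit key
        print(f"{use:16} {key.hex()}")
    # A 32-byte key is K1 plus part of K2, and K2 is computed only from
    # K, H and K1: the extra bytes come from another SHA-1 call over the
    # same inputs, however large the DH modulus was.
```

RFC 4253 section 7.2 itself notes that this process loses entropy if the amount of entropy in K is larger than the internal state size of the hash.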