Mailinglist Archive: opensuse-security (520 mails)
| < Previous | Next > |
Re: [suse-security] What's the length of ssh keys?
- From: Michael Schmidt <Michael.Schmidt@xxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 3 Jul 2002 12:57:19 +0200 (MET DST)
- Message-id: <Pine.GSO.4.20.0207031248420.8995-100000@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
On Tue, 2 Jul 2002, Boris Lorenz wrote:
> Yuppa,
>
> > times. So even 2048 bits are really paranoid - assumed some
> > agency use weeks of computing power of the billion dollar machine
> > to break *your* 1024 SSH/SSL/TLS RSA key..
>
> Quite right. On the other hand, I wouldn't even bet on a 2048 bit key in
> the wake of recent efforts (and steps forward) in quantum computing, but
> that's prolly just me.
There have been big steps in quantum computing, but it's far from
usable. At the moment it's still hard to create something like a five bit
computer with AND and OR gates. And there is no chance to initialize a
quantum computer with 10kb (normal size of a secret email) , as you have
to load the complete document to decode. If this will be possible,
all normal ciphers will be out of date. Then just say good bye to it all.
> Fact is that good intelligence can be obtained by traffic analysis
> alone. In most cases, it's not necessary to brute-force into an
> encrypted message, so the key size alone is a good, but not the only
> factor in this "game".
That is a real argument to increase the key size or change keys on a
regular base. To prevent intelligent attacks to the key you should also
hide the type of information that is transmitted (increasing entropy by
sending nonsense).
Michael Schmidt
Icewolf
> Yuppa,
>
> > times. So even 2048 bits are really paranoid - assumed some
> > agency use weeks of computing power of the billion dollar machine
> > to break *your* 1024 SSH/SSL/TLS RSA key..
>
> Quite right. On the other hand, I wouldn't even bet on a 2048 bit key in
> the wake of recent efforts (and steps forward) in quantum computing, but
> that's prolly just me.
There have been big steps in quantum computing, but it's far from
usable. At the moment it's still hard to create something like a five bit
computer with AND and OR gates. And there is no chance to initialize a
quantum computer with 10kb (normal size of a secret email) , as you have
to load the complete document to decode. If this will be possible,
all normal ciphers will be out of date. Then just say good bye to it all.
> Fact is that good intelligence can be obtained by traffic analysis
> alone. In most cases, it's not necessary to brute-force into an
> encrypted message, so the key size alone is a good, but not the only
> factor in this "game".
That is a real argument to increase the key size or change keys on a
regular base. To prevent intelligent attacks to the key you should also
hide the type of information that is transmitted (increasing entropy by
sending nonsense).
Michael Schmidt
Icewolf
| < Previous | Next > |