Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] What's the length of ssh keys?
  • From: Boris Lorenz <bolo@xxxxxxx>
  • Date: Tue, 02 Jul 2002 13:13:21 +0200
  • Message-id: <3D218AD1.613DAB86@xxxxxxx>
Yuppa,

Steffen Dettmer wrote:
[...]
> Well, and if you do not trust 1024 Bit, I really wonder why
> someone should upgrade to 4096 bit. IIRC adding tree bits or so
> of length would statistical double the needed break time. In that
> case, going from 1024 to 4096 bit would double 1024 times, that
> is 2^1024 (and not 2*1024!) which evaluates to
>
> 17976931348623159077293051907890247336179769789423065727343008115773\
> 26758055009631327084773224075360211201138798713933576587897688144166\
> 22492847430639474124377767893424865485276302219601246094119453082952\
> 08500576883815068234246288147391311054082723716335051068458629823994\
> 7245938479716304835356329624224137216
>
> times. So even 2048 bits are really paranoid - assumed some
> agency use weeks of computing power of the billion dollar machine
> to break *your* 1024 SSH/SSL/TLS RSA key..

Quite right. On the other hand, I wouldn't even bet on a 2048 bit key in
the wake of recent efforts (and steps forward) in quantum computing, but
that's prolly just me.

Fact is that good intelligence can be obtained by traffic analysis
alone. In most cases, it's not necessary to brute-force into an
encrypted message, so the key size alone is a good, but not the only
factor in this "game".

My $1. Could I have change, please.

Boris
---

< Previous Next >
Follow Ups