From polytarp@m-net.arbornet.org Fri Aug 30 17:38:44 2002
Date: Fri, 30 Aug 2002 17:38:44 -0400 (EDT)
From: pgreen
To: "Perry E. Metzger"
cc: Michael W Mitton
Subject: Re: 1024 bit key considered insecure (sshd)
In-Reply-To: <87lm6onqj2.fsf@snark.piermont.com>
Message-ID: <20020830173221.S54273@m-net.arbornet.org>

What I'm thinking, is that we need a solution based on real fact. Even a
normal high-school kid could see that this isn't scientific atol.

What I'm suggesting: something based on universal rhetoric. What does this
mean? Well, I think some formulae should do the trick of explaining it:

  8 ** x
  ----
  \
   \
   /      sin(6 ** x) * ( 4 5 6 - ( 5 4 5) / 8 2 5 )
  ----

(define square (x)
  (+ x x x)
  (square (x))
)

I think this proves my point. It is a non-rhetorical system of encryption.
Will we still rely on the old system? I think not.

On 30 Aug 2002, Perry E. Metzger wrote:

>
> Michael W Mitton writes:
> > My data may not be worth a billion dollars, but I can be fairly certain
> > that I am part of a group ( a rather _large_ group ) whose combined
> > information is worth that.
>
> The combination is not of much importance because the combination
> doesn't share a single key. A machine can only crack so many keys per
> unit time. If you build a device that costs you a billion dollars and
> can only crack one key every six months, you are going to be very
> careful about which key you choose to crack because each key costs you
> hundreds of millions in amortized cost to crack.
>
> > Besides, I'm sure the federal government ( any federal government )
> > wouldn't blink an eye at 1 billion dollars if they could read everyone's
> > email. ;)
>
> Again, at best this offers you the THEORETICAL possibility of reading
> any particular individual's mail. You still have to spend huge
> resources on cracking that one key, assuming that this is even
> possible. (The jury is still out on that.) There is a distinction
> between saying that one can crack ANYONE'S key and saying you can
> crack EVERYONE'S key. One implies being able to break a few if you
> really really want to, the other implies being able to break all
> cheaply and quickly.
>
> I would like to repeat that using longer key lengths is not
> necessarily stupid -- just not something to be contemplated as an
> imminent emergency. Certainly the jury is still out on just how
> practical factoring 1024 bit numbers is using the latest algorithms
> and hardware acceleration.
>
>
> --
> Perry E. Metzger perry@piermont.com
> --
> "Ask not what your country can force other people to do for you..."
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message