From: "Duncan Patton a Campbell is Dhu"
To: pgreen, "Perry E. Metzger"
Cc: Michael W Mitton
Subject: Re: 1024 bit key considered insecure (sshd)
Date: Fri, 30 Aug 2002 23:53:00 -0600
Message-Id: <20020831055300.M94495@babayaga.neotext.ca>
In-Reply-To: <20020830173912.I54491-100000@m-net.arbornet.org>
References: <87lm6onqj2.fsf@snark.piermont.com> <20020830173912.I54491-100000@m-net.arbornet.org>

Hunh?

Duncan Patton a Campbell is Duibh ;-)

---------- Original Message -----------
From: pgreen
To: "Perry E. Metzger"
Sent: Fri, 30 Aug 2002 17:39:52 -0400 (EDT)
Subject: Re: 1024 bit key considered insecure (sshd)

> Date: Fri, 30 Aug 2002 17:38:44 -0400 (EDT)
> From: pgreen
> To: "Perry E. Metzger"
> cc: Michael W Mitton, security@FreeBSD.ORG
> Subject: Re: 1024 bit key considered insecure (sshd)
> In-Reply-To: <87lm6onqj2.fsf@snark.piermont.com>
> Message-ID: <20020830173221.S54273@m-net.arbornet.org>
>
> What I'm thinking, is that we need a solution based on
> real fact. Even a normal high-school kid could see
> that this isn't scientific atol. What I'm suggesting:
> something based on universal rhetoric.
>
> What does this mean? Well, I think some formulae
> should do the trick of explaining it:
>
> 8 ** x
> ----
> \
>  \
>  / sin(6 ** x) * ( 4 5 6 - ( 5 4 5)
> / 8 2 5 )
> ----
>
> (define square (x)
>   (+ x x x)
>   (square (x))
> )
>
> I think this proves my point.
> It is a non-rhetorical system of encryption.
> Will we still rely on the old system?
> I think not.
>
> On 30 Aug 2002, Perry E. Metzger wrote:
>
> >
> > Michael W Mitton writes:
> > > My data may not be worth a billion dollars, but I can be fairly certain
> > > that I am part of a group ( a rather _large_ group ) whose combined
> > > information is worth that.
> >
> > The combination is not of much importance because the combination
> > doesn't share a single key. A machine can only crack so many keys per
> > unit time. If you build a device that costs you a billion dollars and
> > can only crack one key every six months, you are going to be very
> > careful about which key you choose to crack because each key costs you
> > hundreds of millions in amortized cost to crack.
> >
> > > Besides, I'm sure the federal government ( any federal government )
> > > wouldn't blink an eye at 1 billion dollars if they could read everyone's
> > > email. ;)
> >
> > Again, at best this offers you the THEORETICAL possibility of reading
> > any particular individual's mail. You still have to spend huge
> > resources on cracking that one key, assuming that this is even
> > possible. (The jury is still out on that.) There is a distinction
> > between saying that one can crack ANYONE'S key and saying you can
> > crack EVERYONE'S key. One implies being able to break a few if you
> > really really want to, the other implies being able to break all
> > cheaply and quickly.
> >
> > I would like to repeat that using longer key lengths is not
> > necessarily stupid -- just not something to be contemplated as an
> > imminent emergency. Certainly the jury is still out on just how
> > practical factoring 1024 bit numbers is using the latest algorithms
> > and hardware acceleration.
> >
> >
> > --
> > Perry E. Metzger perry@piermont.com
> > --
> > "Ask not what your country can force other people to do for you..."
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
------- End of Original Message -------