From owner-freebsd-security@FreeBSD.ORG Sun Jun 24 19:44:51 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9DF19106566B for ; Sun, 24 Jun 2012 19:44:51 +0000 (UTC) (envelope-from jhellenthal@dataix.net) Received: from mail-ob0-f182.google.com (mail-ob0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 4EEDC8FC16 for ; Sun, 24 Jun 2012 19:44:51 +0000 (UTC) Received: by obbun3 with SMTP id un3so6807879obb.13 for ; Sun, 24 Jun 2012 12:44:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dataix.net; s=rsa; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to; bh=b/dE1BbijzxYE8/OoV/9jrvgv6+EjbdSvTBZ24DUXfE=; b=ZpmOUQLPTcwRzpKwAWtti2Q9wVtWp1JxRL9rbmnupbCpuRG2Zvo5ufKY+WKBbLC4j6 8SIRhcOWZC1NQRl11qB7Gi1M4fhYj34+EpcjSPd7Q+HulKLssjeuqzR0MQa+0OmpAwr5 Y4DzBP8jLL16TnWqN7y5lGG5V2vMH3/PBaHKQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:x-gm-message-state; bh=b/dE1BbijzxYE8/OoV/9jrvgv6+EjbdSvTBZ24DUXfE=; b=ghEVeebRJzu5435FRI4jKCFGyFDvOYKArrv17os14cW5pxtVbOfMzWeQhUcxKG1UIC PauOtg9yjDZ4WKGqAqFTOPXd3JdtN+J5bLXwQ/LWQOnsQnBWx1G8sn8/vYgzy0NYjWrN HQzAkmdwpPmQwFs2iDQnz8xzGWTYe4hLWXPwWj0C3J+ycMsPiNkZT+/yqXSX0GYdQhv0 /jIxV2xpSONJfgUxfrIzP0o2zsmvJ4yQVFto8SogcUXS8lJBmxDegMk6TDETM8NUc5ZC rfihjUbmSPV5yeiG87VAIIyAsMACihGqvTGgATEH/cQNFzzZoy+L9YF3fSx7YEsDaflG WYbA== Received: by 10.50.209.73 with SMTP id mk9mr6345968igc.66.1340567090391; Sun, 24 Jun 2012 12:44:50 -0700 (PDT) Received: from DataIX.net (75-128-120-86.dhcp.aldl.mi.charter.com. [75.128.120.86]) by mx.google.com with ESMTPS id nh8sm8102833igc.1.2012.06.24.12.44.49 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 24 Jun 2012 12:44:49 -0700 (PDT) Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.5/8.14.5) with ESMTP id q5OJimTE022604 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 24 Jun 2012 15:44:48 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Received: (from jh@localhost) by DataIX.net (8.14.5/8.14.5/Submit) id q5OJimRw022603; Sun, 24 Jun 2012 15:44:48 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Date: Sun, 24 Jun 2012 15:44:47 -0400 From: "J. Hellenthal" To: Robert Simmons Message-ID: <20120624194447.GA22363@DataIX.net> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Gm-Message-State: ALoCoQkQBYhyJfmqFZB8PuP0lPkVKf1BvHKZqcByzD/Bnu9Amo3hH11t1pZW09KFqgSvKaEHF8d7 Cc: freebsd-security@freebsd.org Subject: Re: Hardware potential to duplicate existing host keys... RSA DSA ECDSA was Add rc.conf variables... X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Jun 2012 19:44:51 -0000 On Sun, Jun 24, 2012 at 03:34:15PM -0400, Robert Simmons wrote: > On Sun, Jun 24, 2012 at 2:56 PM, Mark Felder wrote: > > On Sun, 24 Jun 2012 13:34:45 -0500, Robert Simmons > > wrote: > > > >> In light of advanced in processors and GPUs, what is the potential for > >> duplication of RSA, DSA, and ECDSA keys at the current default key > >> lengths (2048, 1024, and 256 respectively)? > >> > > > > I've been able to duplicate keys for years simply using cp(1) > > > > Define "duplicate". Are you asking about some sort of collision? Are you > > asking about brute forcing an encrypted stream and deducing what the private > > key is? > > And as a flip side to the argument, is there a reason not to raise the > default to 4096? Certainly the same advances in processors makes this > size key quite usable. I've seen no noticeable slowness with 4096 bit > RSA or 521 bit ECDSA. But what happens when the default is raised to 4096 for RSA and a server has 100, 200, 300 users ? does that processor time really get effected then ? to me this is just the cost of security but only if it is needed. Moreso what is the probabilty of communications being broken if the host key is 2048 bit RSA and the user key is 4096 bit RSA -- - (2^(N-1))