Date: Sun, 24 Jun 2012 17:23:47 -0400 From: Robert Simmons <rsimmons0@gmail.com> To: freebsd-security@freebsd.org Subject: Re: Hardware potential to duplicate existing host keys... RSA DSA ECDSA was Add rc.conf variables... Message-ID: <CA%2BQLa9Dyu96AxmCNLcU8n5R21aTH6dStDT004iA516EH=jTkvQ@mail.gmail.com> In-Reply-To: <86zk7sxvc3.fsf@ds4.des.no> References: <CA%2BQLa9A4gdgPEn3YBpExTG05e4mqbgxr2kJ16BQ27OSozVmmwQ@mail.gmail.com> <86zk7sxvc3.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jun 24, 2012 at 5:18 PM, Dag-Erling Sm=F8rgrav <des@des.no> wrote: > Robert Simmons <rsimmons0@gmail.com> writes: >> In light of advanced in processors and GPUs, what is the potential for >> duplication of RSA, DSA, and ECDSA keys at the current default key >> lengths (2048, 1024, and 256 respectively)? > > You do know that these keys are used only for authentication, and not > for encryption, right? Yes, the encryption key length is determined by which symmetric cipher is negotiated between the client and server based on what is available from the Ciphers line in sshd_config and ssh_config.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BQLa9Dyu96AxmCNLcU8n5R21aTH6dStDT004iA516EH=jTkvQ>