[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC#14 - openssh keysize



On Wed, 22 Oct 2003, Dries Schellekens wrote:

> On Wed, 22 Oct 2003, Robert Urban wrote:
>
> > I fail to see how you two arguing about who knows more (or less) about
> > cryptopgraphy adds ANY value to this list.  Please don't bother me
> > with assertions about who was privy to god's own truth in this matter.
> >
> > This is an ideal candidate for a PRIVATE exchange: a pissing contest.
> >
> > I'm getting pretty tired of people that need an audience to argue in
> > front of.
> >
> > And please don't accuse me of being hypocritical.
>
> Indeed, this discussion is completely useless.
>
> Just do what RSA recommends you to do
> http://www.rsasecurity.com/rsalabs/technotes/twirl.html#table1
>
> Or look at Bruce Schneiders advice
> http://www.schneier.com/crypto-gram-0204.html#3
>
> The NESSIE project (www.cryptonessie.org) recommends 1536 bit as
> sufficient for medium term security (5 to 10 years).
>
> So maybe openssh should use 1280 or 1536 bit RSA keys by default;
> whatever is possible on low performance machines (vax, m86k, ...).
>
>
> Just to put everything into perspective, the digital copy of the American
> dollar note is encrypted with (I don't remember the exact number) a 50000
> bit RSA key. So this is what NSA recommends.

NSA licensing ECC with 512 bit keys (equivalent with 15360 bit RSA keys)
puts things into perspective as well.


Sorry, for the long delay it took for this email to get delivered to the
mailing list; something wrong with mail server over here, I guess.


Cheers,

Dries
--
Dries Schellekens
email: gwyllion_(_at_)_ulyssis_(_dot_)_org



Visit your host, monkey.org