Re: Hardware potential to duplicate existing host keys... RSA DS
On Mon, Jun 25, 2012 at 02:31:04AM +0100, RW wrote:
> On Sun, 24 Jun 2012 17:23:47 -0400
> Robert Simmons wrote:
>
> > On Sun, Jun 24, 2012 at 5:18 PM, Dag-Erling Sm鷨grav <des@des.no>
> > wrote:
> > > Robert Simmons <rsimmons0@gmail.com> writes:
> > >> In light of advanced in processors and GPUs, what is the potential
> > >> for duplication of RSA, DSA, and ECDSA keys at the current default
> > >> key lengths (2048, 1024, and 256 respectively)?
> > >
> > > You do know that these keys are used only for authentication, and
> > > not for encryption, right?
> >
> > Yes, the encryption key length is determined by which symmetric cipher
> > is negotiated between the client and server based on what is available
> > from the Ciphers line in sshd_config and ssh_config.
>
> I'm not very familiar with ssh, but surely they're also used for
> session-key exchange, which makes them crucial to encryption. They
> should be as secure as the strongest symmetric cipher they need to work
> with.
This should give you a good outline of it.
http://www.linuxjournal.com/article/9566
--
- (2^(N-1))
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 10 之 26 篇):