From owner-freebsd-security Thu Aug 29 7:29:45 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
    by hub.freebsd.org (Postfix) with ESMTP id 77BAF37B400
    for ; Thu, 29 Aug 2002 07:29:40 -0700 (PDT)
Received: from snark.piermont.com (snark.piermont.com [166.84.151.72])
    by mx1.FreeBSD.org (Postfix) with ESMTP id 7673E43E7B
    for ; Thu, 29 Aug 2002 07:29:39 -0700 (PDT)
    (envelope-from perry@piermont.com)
Received: by snark.piermont.com (Postfix, from userid 1000)
    id 72F5CD97CB; Thu, 29 Aug 2002 10:29:38 -0400 (EDT)
To: Petr Swedock
Cc: "Karsten W. Rohrbach" , mipam@ibb.net, Matthias Buelow ,
    Stefan Krüger , freebsd-security@FreeBSD.ORG,
    tech-security@netbsd.org, misc@openbsd.org
Subject: Re: 1024 bit key considered insecure (sshd)
References: <20020828200748.90964.qmail@mail.com>
    <3D6D3953.6090005@mukappabeta.de> <20020828224330.GE249@localhost>
    <87k7mamc2s.fsf@snark.piermont.com>
    <20020829091232.A53344@mail.webmonster.de>
    <87bs7ln66u.fsf@snark.piermont.com>
    <86hehdbvsb.fsf@blade-runner.mit.edu>
From: "Perry E. Metzger"
Date: 29 Aug 2002 10:29:38 -0400
In-Reply-To: <86hehdbvsb.fsf@blade-runner.mit.edu>
Message-ID: <87wuq9lovh.fsf@snark.piermont.com>
Lines: 27
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

Petr Swedock writes:
> > I would have thought spending at least hundreds of millions of
> > dollars and (as importantly) at least months of time would have been
> > considered "unattractive" enough to encourage other methods of getting
> > at your data like breaking in to your physical location. Silly me. I
> > guess I missed the concept behind crypto.
>
> The concept behind crypto is to confuse, scramble and obfuscate.

I'm glad you've explained it to me.

> When it was first designed for and employed in computers the existing
> mathematical models, computer muscle and modes of analysis were
> thought to assure unbreakability. Now the use has morphed into
> a race condition where present mathematical models and future
> computer muscle, coupled with existing modes of analysis are
> thought to assure breakability.

So, this means that because a person with a billion in spare change
lying about might (MIGHT!) be able to break a 1024 bit key every year,
we should all panic?

--
Perry E. Metzger		perry@piermont.com
--
"Ask not what your country can force other people to do for you..."

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message