Date: Thu, 29 Aug 2002 08:02:23 -0700 From: Seth Kurtzberg <seth@cql.com> To: "Perry E. Metzger" <perry@piermont.com>, "Karsten W. Rohrbach" <karsten@rohrbach.de> Cc: mipam@ibb.net, Matthias Buelow <mkb@mukappabeta.de>, Stefan =?iso-8859-1?q?Kr=FCger?= <skrueger@europe.com>, freebsd-security@FreeBSD.org, tech-security@netbsd.org, misc@openbsd.org Subject: Re: 1024 bit key considered insecure (sshd) Message-ID: <200208290802.23540.seth@cql.com> In-Reply-To: <87bs7ln66u.fsf@snark.piermont.com> References: <20020828200748.90964.qmail@mail.com> <20020829091232.A53344@mail.webmonster.de> <87bs7ln66u.fsf@snark.piermont.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The other piece of the crypto puzzle that is frequently misunderstood (not flames! I'm not saying misunderstood by anyone participating in this discussion!) is that data is typically sensitive for a limited period of time. The fact that you could crack a password in a year becomes quite irrelevant if the protected data is no longer sensitive after a month. Intelligently archiving older data that doesn't need to remain on-line helps this situation. On Thursday 29 August 2002 06:30, Perry E. Metzger wrote: > "Karsten W. Rohrbach" <karsten@rohrbach.de> writes: > > Perry E. Metzger(perry@piermont.com)@2002.08.29 02:08:27 +0000: > > > I do. If someone with millions of dollars to spend on custom designed > > > hardware wants to break into your computer, I assure you that > > > increasing the size of your ssh keys will not stop them. Nor, for that > > > > you missed the concept behind crypto in general, i think. it's not about > > stopping someone from accessing private resources, but rather making > > that approach to make access to these resources /very/ unattractive, by > > increasing the amount of time (and thus $$$) an attacker has to effort > > to get access. > > I would have thought spending at least hundreds of millions off > dollars and (as importantly) at least months of time would have been > considered "unattractive" enough to encourage other methods of getting > at your data like breaking in to your physical location. Silly me. I > guess I missed the concept behind crypto. -- ----------------------------------- Seth Kurtzberg M. I. S. Corp. 1-480-661-1849 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208290802.23540.seth>