Hi Joe, Joseph S Testa II <jtesta@xxxxxxxxxxxxxxxxxxxx> writes: > On 09/25/2017 01:54 AM, Mark D. Baushke wrote: > > With the group18 8192-bit MODP prime, we are getting just under 192-bits > > of security... depending on how you calculate it. ...wrong information for lager MODP bit sizes elided... > According to NIST Special Publication 800-57, Part 1, Revision 4, p. > 53, > (https://urldefense.proofpoint.com/v2/url?u=http-3A__nvlpubs.nist.gov_nistpubs_SpecialPublications_NIST.SP.800-2D57pt1r4.pdf&d=DwICaQ&c=HAkYuh63rsuhr6Scbfh0UjBXeMK-ndb3voDTXcWzoCI&r=6l1UaIK-spZ6HPOy-7bswQ&m=xDUuVrDCFCbo9ciNq9MtysnMa2_YXbeGNN_XvETpOhk&s=kT3E6dWUqCqdDcv4AS6wrdjOkiPGHkoB5-ifmfOG2js&e= > ), a 7680-bit modulus is estimated to provide 192 bits of security. > Hence, a 8192-bit modulus would provide a little over 192. Okay, my recollection was clearly wrong. Thank you for the pointer. > It also estimates that 256-bits of security is achieved with 15360-bit > moduli. Okay. -- Mark _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
