Re: Legacy option for key length?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Sun, Dec 31, 2017 at 7:24 PM, Emmanuel Deloget <logout@xxxxxxx> wrote:

> Hello,
>
> On Sat, Dec 30, 2017 at 12:16 AM, Daniel Kahn Gillmor <
> dkg@xxxxxxxxxxxxxxxxx> wrote:
>
>> On Thu 2017-12-28 21:31:28 -0800, Dan Mahoney (Gushi) wrote:
>>
>>
>> > Perhaps if you're dead-set on this being so dangerous,
>>
>> It's not the developers who are dead-set on weak-keyed RSA being
>> insecure, it's the cryptanalysts who have shown that to be the case :)
>>
>
>
> ​To further supplement this point, here is the paper that explain how
> RSA-768 was factorized. In 2010, the authors estimated that it would take
> around 1500 years to a single-core machine of this generation to ​do the
> same thing. We're 7 years after their first results, and we now have access
> to massive cloud-based behemoths for a discount. How much time would it
> resist?
>

​Of course, it's always better with the link itself:
https://eprint.iacr.org/2010/006.pdf
​

>
> The idea of removing weak ciphers from a widely used piece of software is
> a good one - that way, you strengthen the whole ecosystem. Going the
> reverse path would simply make less informed people be the weak link of the
> Internet, putting possibly many more at risk.
>
> Best regards,
>
> -- Emmanuel Deloget
>
>
>
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux