Hunh?  

Duncan Patton a Campbell is Duibh ;-)

---------- Original Message -----------
From: pgreen <polytarp@m-net.arbornet.org>
To: "Perry E. Metzger" <perry@piermont.com>
Sent: Fri, 30 Aug 2002 17:39:52 -0400 (EDT)
Subject: Re: 1024 bit key considered insecure (sshd)

> >From polytarp@m-net.arbornet.org Fri Aug 30 17:38:44 2002
> Newsgroups:
> Date: Fri, 30 Aug 2002 17:38:44 -0400 (EDT)
> From: pgreen <polytarp@m-net.arbornet.org>
> To: "Perry E. Metzger" <perry@piermont.com>
> cc: Michael W Mitton <mmitton@hmcon.com>,  <freebsd-
> security@FreeBSD.ORG>,     <tech-security@netbsd.org>, 
>  <misc@openbsd.org> Subject: Re: 1024 bit key 
> considered insecure (sshd) Fcc: sent-mail In-Reply-To: 
> <87lm6onqj2.fsf@snark.piermont.com> Message-ID: 
> <20020830173221.S54273@m-net.arbornet.org> X-Reply-
> UID: (2 > )(1 1029589391 385)/home/guest/polytarp/mbox 
> X-Reply-Mbox: inbox MIME-Version: 1.0 Content-Type: 
> TEXT/PLAIN; charset=US-ASCII
> 
> What I'm thinking, is that we need a solution based on 
> real fact.  Even a normal high-school kid could see 
> that this isn't scientific atol.  What I'm suggesting: 
>  something based on universal rhetoric.
> 
> What does this mean?  Well, I think some formulae 
> should do the trick of explaining it:
> 
> 	8 ** x
> 	----
>         \
>          \
>          /       sin(6 ** x) * ( 4 5 6    -  ( 5 4 5)
>         /                        8 2 5 )
>         ----
> 
> 	(define square (x)
> 		(+ x x x)
> 		(square (x))
> 	)
> 
> I think this prooves my point.
> It is a non-rhetorical system of encryption.
> Will we still rely on the old system?
> 	I think not.
> 
> On 30 Aug 2002, Perry E. Metzger wrote:
> 
> >
> > Michael W Mitton <mmitton@hmcon.com> writes:
> > > My data may not be worth a billion dollars, but I can be
fairly certain
> > > that I am part of a group ( a rather _large_ group ) whose
combined
> > > information is worth that.
> >
> > The combination is not of much importance because the
combination
> > doesn't share a single key. A machine can only crack so many
keys per
> > unit time. If you build a device that costs you a billion
dollars and
> > can only crack one key every six months, you are going to to
be very
> > careful about which key you choose to crack because each key
costs you
> > hundreds of millions in amortized cost to crack.
> >
> > > Beside, I'm sure the federal government ( any federal
government )
> > > wouldn't blink an eye at 1 billion dollars if they could
read everyones
> > > email.  ;)
> >
> > Again, at best this offers you the THEORETICAL possibility
of reading
> > any particular individual's mail. You still have to spend
huge
> > resources on cracking that one key, assuming that this is
even
> > possible. (The jury is still out on that.) There is a
distinction
> > between saying that one can crack ANYONE'S key and saying
you can
> > crack EVERYONE'S key. One implies being able to break a few
if you
> > really really want to, the other implies being able to break
all
> > cheaply and quickly.
> >
> > I would like to repeat that using longer key lengths is not
> > necessarily stupid -- just not something to be contemplated
as an
> > imminent emergency. Certainly the jury is still out on just
how
> > practical factoring 1024 bit numbers is using the latest
algorithms
> > and hardware acceleration.
> >
> >
> > --
> > Perry E. Metzger		perry@piermont.com
> > --
> > "Ask not what your country can force other people to do for
you..."
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the
message
> >
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the 
> message
------- End of Original Message -------