Subject: Re: OpenSSH key size
To: None <tech-security@NetBSD.org>
From: Michael Richardson <firstname.lastname@example.org>
Date: 09/15/2005 09:55:58
>> There is a talk being presented at MIT today that shows clearly
>> that 1Kb public keys can be factored fairly easily on cheap
>> custom hardware. It is long past time for SSH keys to be at
>> least 2Kb by default.
John Gilmore suggested that 2048 is the wrong number. One should add
~100 to that number.
The concept being, if someone builds a machine that can crack 2048-bit
numbers, it won't be able to do 2049-bit ones. A machine that can do 2049
may well be able to do 4096. So, you get the brute-force resistance of 4096
(in terms of $$$ to build) without the cost.
This is not a technical argument -- it is an economic one.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] email@example.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
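An added example, not part of the thread above and not OpenSSH's own code: a small Python audit that reads authorized_keys lines, pulls the modulus out of the ssh-rsa public-key blob (RFC 4253 encodes it as the string "ssh-rsa", then mpint e, then mpint n) and flags RSA keys below whatever minimum the site picks, whether that is 2048 or the 2048-plus-a-margin figure discussed in the message. The sample keys are constructed odd integers of known bit length, not real RSA moduli, and the function names are assumptions of this example.

```python
"""Audit OpenSSH authorized_keys lines for RSA moduli below a minimum size.

Added example, not code from the mailing-list thread or from OpenSSH. Parses the
ssh-rsa public-key blob (RFC 4253: string "ssh-rsa", mpint e, mpint n), reports
the modulus bit length, and lists keys under a policy threshold.
"""
import base64
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode an SSH 'string': 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(data)) + data


def _ssh_mpint(n: int) -> bytes:
    """Encode a non-negative integer as an SSH mpint payload (leading 0x00 if the high bit is set)."""
    if n == 0:
        return b""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return (b"\x00" + raw) if raw[0] & 0x80 else raw


def _read_ssh_string(blob: bytes, offset: int):
    """Decode one SSH 'string' starting at offset; returns (data, next_offset)."""
    (length,) = struct.unpack_from(">I", blob, offset)
    start = offset + 4
    if start + length > len(blob):
        raise ValueError("truncated SSH string")
    return blob[start:start + length], start + length


def build_ssh_rsa_line(e: int, n: int, comment: str) -> str:
    """Build an authorized_keys line for the given exponent and modulus (used for constructed samples)."""
    blob = _ssh_string(b"ssh-rsa") + _ssh_string(_ssh_mpint(e)) + _ssh_string(_ssh_mpint(n))
    return "ssh-rsa %s %s" % (base64.b64encode(blob).decode("ascii"), comment)


def rsa_modulus_bits(line: str):
    """Return the RSA modulus bit length for an ssh-rsa authorized_keys line, or None if the
    line is not a parseable ssh-rsa key (other key types, comments, garbage)."""
    fields = line.split()
    for i, field in enumerate(fields[:-1]):
        if field != "ssh-rsa":
            continue  # skip leading options such as no-pty,command="..."
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
            key_type, off = _read_ssh_string(blob, 0)
            if key_type != b"ssh-rsa":
                return None
            _e_bytes, off = _read_ssh_string(blob, off)
            n_bytes, _ = _read_ssh_string(blob, off)
        except (ValueError, struct.error):
            return None
        return int.from_bytes(n_bytes, "big").bit_length()
    return None


def weak_rsa_keys(authorized_keys_text: str, min_bits: int = 2048):
    """Return [(line_number, modulus_bits)] for every ssh-rsa key shorter than min_bits."""
    findings = []
    for lineno, line in enumerate(authorized_keys_text.splitlines(), start=1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        bits = rsa_modulus_bits(line)
        if bits is not None and bits < min_bits:
            findings.append((lineno, bits))
    return findings


# Constructed sample file: the moduli are arbitrary odd integers of known bit
# length, NOT real RSA keys; only their size matters for this check.
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed sample authorized_keys",
    build_ssh_rsa_line(65537, (1 << 1023) | 0xC0FFEE, "legacy-1024"),
    build_ssh_rsa_line(65537, (1 << 2047) | 0xC0FFEE, "default-2048"),
    'no-pty,command="/usr/local/bin/backup" '
    + build_ssh_rsa_line(65537, (1 << 2151) | 0xC0FFEE, "padded-2152"),
    "ssh-ed25519 AAAAplaceholder not-rsa-ignored",
])

if __name__ == "__main__":
    for threshold in (2048, 2048 + 104):
        print("keys below %d bits: %s" % (threshold, weak_rsa_keys(SAMPLE_AUTHORIZED_KEYS, threshold)))
```

The check deliberately looks only at the modulus length and says nothing about the key's quality; it is the sort of thing to run over ~/.ssh/authorized_keys on every host before raising the site minimum, so that the keys which will stop working are known in advance.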