[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: FW: 1024-bit RSA keys in danger of compromise
> On Mon, Mar 25, 2002 at 05:23:34PM -0700, Theo de Raadt wrote:
> > > To be prudent, there should be a general migration towards
> > > longer keys, in the neighborhood of 2kbits to 4kbits. This
> > > really only needs be done when a new key is generated,
> > > anyway--and nobody should panic if that isn't for some time.
> > This is not feasable.
> > It takes anything less than a Pentium 200, and quickly moves it
> > towards the garbage heap.
> Is this for key generation only, or for all operations that use a
> large key? Not that it's a huge deal, but if only the former then
> the lifespan could be extended by generating the keys elsewhere.
Try using ssh2 to a sparc 20. The DH kills it, but the same basic
rule applies to larger RSA or DSA keys.
> > Honestly, I think our society and planet is at greater risk from
> > the amount of computers going to the garbage dump, than this
> > little possible issue....
> Amen. I can't bear to toss out the perfectly functional 486 I have
> in the closet, even though it hasn't been powered on in a couple
> years. To think of what we're doing to the landfills that used to
> be landscapes, and the masses who would die to get their hands on
> what goes in them...
Computers all build using really really nasty chemicals.
> By all means, if large keys makes old hardware unusuable, let's
> stick with smaller ones.