[Operators] IM Observatory and Diffie-Hellman parameters

Dave Cridland dave at cridland.net
Wed Nov 13 18:21:56 UTC 2013


On 13 Nov 2013 17:01, "Fedor Brunner" <fedor.brunner at azet.sk> wrote:
> There is good comparison website for key sizes recommendations:
http://www.keylength.com/en/compare/
> Enter the year until when your system should be protected and see the
Discrete Logarithm Group column.
>

Yes, that site is very nice.

> The scenario I thinking of is "record now and decrypt later", the 1024
bit DH could protect your message for next year, but if the attacker makes
a copy of your conversation now, he can later (for example in 5-10 years
with much stronger hardware) break DH easily. There is communication which
should be protected even for long time, for example: business strategies,
client-lawyer communication, patent information.

Yes, I agree that some considerations might raise it, but I think the case
for making PFS last as long as the assymmetric identity algorithm is pretty
weak in general. To decrypt all communications using 1024-bit DH over a
year is likely to be vastly bigger than for one conversation; the same
isn't true for RSA, for example, where you could solve the private key once.

It is, I agree, the obvious attack point for a single conversation, but
you're still talking in terms of vast computational resources for all the
traffic. Bear in mind that if we had used 768-bit DH two years ago in PFS,
I'd still have only got as far as two of your sessions - I'd have to be
pretty good on my targetting to get the information I wanted at that rate.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20131113/a4e768d5/attachment.html>


More information about the Operators mailing list