[Operators] IM Observatory and Diffie-Hellman parameters
ladycuyik14 at gmail.com
Thu Nov 14 01:51:14 UTC 2013
Pada 14/11/2013 5:45 AM, "Fedor Brunner" <fedor.brunner at azet.sk> menulis:
> On 13.11.2013 19:21, Dave Cridland wrote:
> > On 13 Nov 2013 17:01, "Fedor Brunner" <fedor.brunner at azet.sk> wrote:
> >> There is good comparison website for key sizes recommendations:
> > http://www.keylength.com/en/compare/
> >> Enter the year until when your system should be protected and see the
> > Discrete Logarithm Group column.
> > Yes, that site is very nice.
> >> The scenario I thinking of is "record now and decrypt later", the 1024
> > bit DH could protect your message for next year, but if the attacker
> > a copy of your conversation now, he can later (for example in 5-10 years
> > with much stronger hardware) break DH easily. There is communication
> > should be protected even for long time, for example: business strategies,
> > client-lawyer communication, patent information.
> > Yes, I agree that some considerations might raise it, but I think the
> > for making PFS last as long as the assymmetric identity algorithm is
> > weak in general. To decrypt all communications using 1024-bit DH over a
> > year is likely to be vastly bigger than for one conversation; the same
> > isn't true for RSA, for example, where you could solve the private key
> > It is, I agree, the obvious attack point for a single conversation, but
> > you're still talking in terms of vast computational resources for all the
> > traffic. Bear in mind that if we had used 768-bit DH two years ago in
> > I'd still have only got as far as two of your sessions - I'd have to be
> > pretty good on my targetting to get the information I wanted at that
> For detailed description of various attack scenarios with calculations
> please read
> ECRYPT II Yearly Report on Algorithms and Keysizes
> The 1024 bit length for DH used in older versions of software, is a
> remnant of US export regulations. This regulations in 1999 permitted the
> export of software programs using maximum 56-bit data encryption and
> maximum 1024-bit key exchange.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Operators