Again, this is not a cryptography list, but I'll correct a few small things...
"Robert G. Brown" <[EMAIL PROTECTED]> writes: > I haven't looked at the literature recently, but to the best of my > knowledge e.g the integer factorization problem cannot be solved in > polynomial time for any known algorithm, Correct. > and factoring a single 663 bit integer in a test that took > ballpark of a GFLOP-century of effort for the record as of 2005. I don't remember the record, but at this point it is considered (theoretically) feasible to attack 1024 bit RSA keys using GNFS and similar methods -- Dan Bernstein has published on this, you can doubtless find the paper on his site. Serious users are using 2048 bit RSA keys at this point. There aren't nearly such good methods for attacking elliptic curve based systems, and many people have migrated to those for performance reasons -- you can use shorter keys with (it is believed) equal security. > ssh is quite secure, but not if you have both of my public/private > keys. That depends on what you mean by "secure". There are two forms of security provided by SSH. One is protection from people trying to break in to your account, the other is protection from people reading your traffic over the network. I can log in using your credentials if I have your private key and you are using SSH with public key authentication. However, even if I have both of your private and public keys, the ephemeral key used for a particular session is agreed to using Diffie-Hellman key exchange, and mere knowledge of your long term keys will not allow anyone to read your session traffic. This property is known as "Perfect Forward Secrecy." (Technically, this is only true of sshv2 -- sshv1 used random nonces exchanged under RSA for the key material, but sshv1 is no longer in wide use because it has a number of security issues.) -- Perry E. Metzger [EMAIL PROTECTED] _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
