* D3|\||\|!$ -----Original Message----- Subject: A / V / Text encryption methods
It uses 256-bit encryption in order to actively encrypt the data in each Skype call or instant message. Skype uses 1024 bit RSA to negotiate symmetric AES keys. User public keys are certified by the Skype server at login using 1536 or 2048-bit RSA certificates. The key size used for signing here is 1536-2048, which is significantly greater than 1024-bit keys that are a global norm. I wonder why they do this. Isn't one of the things you do when coming up with a cryptosystem choosing comparable bits of security with all your keys? A symmetric key of 256 bits is equivalent to an RSA key of 15360 bits according to the NIST. Are they just giving a warm and fuzzy "more is better" when in reality you just attack the 1024 bit RSA keypair that's negotiating said AES key and probably becoming more and more possible each day? Dave _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
