SSH Agent keys >4096 bit?

Hubert Kario hka at qbs.com.pl
Sat May 5 16:13:08 CEST 2012


On Friday 04 of May 2012 08:40:31 Robert J. Hansen wrote:
> On 05/04/2012 06:07 AM, Hubert Kario wrote:
> > It still doesn't change the overall picture:
> > 1. migrating to ECC is hard and complicated
> > 2. using 8k RSA is easy
> 
> Nor does it change
> 
> 3. using 8K RSA gives a modest increase to an already formidable
>    margin of security
> 
> Breaking a 128-bit keyspace is hard.  Like, really, really hard.  The
> power analysis on that one is eye-popping: to break a 128-bit keyspace
> in anything approaching a reasonable length of time requires an energy
> output on the level of a hypernova.  If you want to break a 128-bit
> keyspace, please do it in a galaxy far, far away.  So why do we need to
> increase a 128-bit keyspace (RSA-3K) to a 192-bit-plus-a-small-amount
> keyspace (RSA-8K)?
> 
> The obvious response is "to defend against enhanced attacks against RSA,
> such as quantum computing and Shor's Algorithm."  But that's just crazy.
>  Shor's Algorithm requires 2N qubits to break an N-bit key.  Right now
> we've got quantum computers that have, what, eight qubits?  Any RSA
> modulus smaller than sixteen is in trouble now, let me tell you.

Reading about cryptography history I noticed one thing, when NSA said "don't 
do something" it meant that this thing did break the crypto entirely or 
allowed for far easier attacks.

Considering that they tell us "don't use RSA" (in Crypto suite B), would 
suggest that they have an attack on RSA that considerably limits its security.
So whatever 4k RSA really does have a large margin of security is 
questionable.

We've already established that telling everybody to use 8k or greater keys is 
infeasible because of computational problems (in phones and web servers, let 
alone smartchips). The only solution for that problem is to tell everybody to 
use ECC (which has lower computational requirements). This does not mean that 
long RSA keys are useless for all use cases. SSH certainly isn't one of them.

Regards,
-- 
Hubert Kario
QBS - Quality Business Software
02-656 Warszawa, ul. Ksawerów 30/85
tel. +48 (22) 646-61-51, 646-74-24
www.qbs.com.pl



More information about the Gnupg-users mailing list