From: Ronan Cunniffe (rcunniff at domain wilde.cs.tcd.ie)
Date: Sun 16 Sep 2001 - 23:14:37 IST
On Sun, 16 Sep 2001, John P. Looney wrote:
> On Sat, Sep 15, 2001 at 01:53:55AM +0100, kevin lyda mentioned:
> > > research for the CIA, and you may be familiar with their on-line
> > > extension: American Institute for Computer Sciences (www.aics.edu).
> > > If the CIA has these resources and power, you can guarantee the NSA
> > > has it one hundred-fold.
> > that's fine. last i knew an ssh public key would take a few million
> > years in current cpu time to break.
> The British and the French thought the same thing about Enigma, 'til the
> Poles found two massive weaknesses in it...and didn't tell the people
> using the tech (the Germans) that it was insecure.
It *wasn't* insecure. They were using it incorrectly (according to
Singh's book). Things like encoding the message key twice at the
beginning of the message, allowing the operator to choose the message key,
occasionally sending a message in an older or weaker code because the
recipient didn't have the latest codebooks, 'cribs' (guessed plaintext,
e.g. "Heil Hitler"), etc.
> It's quite possible that 1024bit ssh keys have already been
I doubt it. Instead of accepting some venduh's proclamation that the
scheme is unbreakable (as happened with Enigma), people are calmly and
systematically trying to a) break the SSH algorithm, b) find ways of
extracting data without needing to break it, c) break a given
*implementation* of SSH, d) find weak keys in SSH, e)....
There are no guarantees in crypto, but as the public crypto effort gets
close to the military crypto in scale, the chance of the NSA or GCHQ or
whoever being *way* out in front drops.
That's *me* in Echelon's black book anyway....
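An added example, not part of the thread: a parser for OpenSSH `ssh-rsa` public-key lines that reports the modulus size, the practical check a defender runs when 1024-bit SSH keys are under debate. The key line is constructed from a synthetic modulus (no real key pair), and the 2048-bit threshold is an assumed policy, not something the thread states.

```python
import base64
import struct

def _ssh_string(b: bytes) -> bytes:
    # SSH wire-format string: 4-byte big-endian length followed by the bytes
    return struct.pack(">I", len(b)) + b

def _ssh_mpint(n: int) -> bytes:
    # SSH mpint: big-endian two's complement, so a leading 0x00 keeps it positive
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return _ssh_string(raw)

def make_rsa_pubkey_line(bits: int, e: int = 65537) -> str:
    # Constructed sample: a synthetic modulus with the top bit set, not a real key pair
    n = (1 << (bits - 1)) | 0x5A5A01
    blob = _ssh_string(b"ssh-rsa") + _ssh_mpint(e) + _ssh_mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed@example"

def _read_string(blob: bytes, off: int):
    (length,) = struct.unpack(">I", blob[off:off + 4])
    return blob[off + 4:off + 4 + length], off + 4 + length

def rsa_modulus_bits(line: str) -> int:
    """Return the RSA modulus bit length encoded in an OpenSSH ssh-rsa key line."""
    fields = line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public-key line")
    blob = base64.b64decode(fields[1])
    keytype, off = _read_string(blob, 0)
    if keytype != b"ssh-rsa":
        raise ValueError("key type inside the blob does not match")
    _e, off = _read_string(blob, off)      # public exponent, not needed here
    n_bytes, _ = _read_string(blob, off)   # modulus
    return int.from_bytes(n_bytes, "big").bit_length()

MIN_RSA_BITS = 2048  # assumed policy threshold; not taken from the thread

def audit(lines):
    """Return (comment, bits, meets_policy) for each ssh-rsa line, skipping blanks/comments."""
    results = []
    for line in lines:
        if line.strip() and not line.startswith("#"):
            bits = rsa_modulus_bits(line)
            results.append((line.split()[-1], bits, bits >= MIN_RSA_BITS))
    return results
```

Feeding `audit()` the lines of an authorized_keys file flags every RSA key below the threshold; `audit([make_rsa_pubkey_line(1024)])` returns `[('constructed@example', 1024, False)]`.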
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:12:09 GMT