[nycbug-talk] RSA/DSA for encryption: has it's time come?

Justin Dearing zippy1981 at gmail.com
Fri Sep 6 09:36:15 EDT 2013


>From Schneier <http://www.theguardian.com/profile/bruceschneier>'s Guardian
article today:
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance

>Prefer conventional discrete-log-based systems over elliptic-curve
systems; the latter have constants that the NSA influences when they can.
I'm ignorant of the inner working of elliptic-curve systems. Obviously
Bruce is an authority, but is he right here? Are the older algorithms safer
from NSA evesdropping?




On Thu, Aug 29, 2013 at 3:05 AM, idMac <idmac at free.fr> wrote:

> Thank you, I'll search where I read it !
>
>
> > On 28 août 2013, at 14:38, Okan Demirmen <okan at demirmen.com> wrote:
> >
> >> On Wed, Aug 28, 2013 at 7:57 AM, idMac <idmac at free.fr> wrote:
> >> Hi All,
> >>
> >> I know it's not enough but it could be 'one more edge' to improve
> secured
> >> access, it's the yubikey.
> >> Or just a usb stick transformed to be used with pamusb lib.
> >
> > Yes, I totally agree, especially with yubikey.
> >
> >> Another thing, ECDSA is better than RSA until size is lower than 1024 or
> >> 2048 bits I read. (But I would have confirmation/infirmation of it)
> >> For example, RSA key with more than 4096 could be stronger than ECDSA
> key
> >> with 4096 bits.
> >>
> >> Is it true ?
> >
> > I won't post potentially mis-information, and leave it to someone
> > else...archives are a killer :)
> >
> >> Thank you,
> >> Julien
> >>
> >> On 28 Aug, 2013, at 4:07 AM, George Rosamond <
> george at ceetonetechnology.com>
> >> wrote:
> >>
> >> Okan Demirmen:
> >>
> >> On Tue, Aug 27, 2013 at 9:50 PM, George Rosamond
> >> <george at ceetonetechnology.com> wrote:
> >>
> >> Okan Demirmen:
> >>
> >> On Tue, Aug 27, 2013 at 7:24 PM, George Rosamond
> >> <george at ceetonetechnology.com> wrote:
> >>
> >> Okan Demirmen:
> >>
> >> On Wed, Aug 7, 2013 at 9:58 AM, Isaac (.ike) Levy
> >> <ike at blackskyresearch.net> wrote:
> >>
> >>
> >> Hi All,
> >>
> >> I'd love to know what people's thoughts are on the state of older
> >> RSA/DSA encryption, versus the future of eliptic curve ECDSA:
> >>
> >>
> http://www.technologyreview.com/news/517781/math-advances-raise-the-prospect-of-an-internet-security-crisis/
> >>
> >> --
> >> A few years ago, a number of us were wary of the brand-spankin'-new ECC
> >> crypto for use in SSH public keys.  And then months later, there were
> >> some ECDSA/ssh implementation problems exposed:
> >>
> >> http://marc.info/?l=openssh-unix-dev&m=130613765816780&w=2
> >>
> >> So, that was 2 years ago, ECDSA implementations are now no longer in
> >> their infancy.
> >>
> >> --
> >> What are people's thoughts on the practicality of starting to use ECDSA
> >> keys?
> >>
> >> Has anyone here seen their use mandated over RSA/DSA in a business
> setting?
> >> Has anyone just jumped into ECDSA bliss, and not looked back?
> >>
> >>
> >> Not that this might mean much, but I use them.
> >>
> >> As for policies in a business setting; I gather such technical
> >> policies are made by people like you, so it's likely up to what folks
> >> like you write in said policies :)
> >>
> >>
> >> So I'm in the process of getting a client to pickup better practices
> >> with SSH, and found out even OSX 10.7.5 doesn't support ecdsa.
> >>
> >> AFAIK, Putty doesn't either yet, and I doubt SSH for Windows does
> either.
> >>
> >>
> >> So many things there just blew my mind...but OK, I'll mend myself later
> :)
> >>
> >> I'd simply recommend to them to start using keys, regardless of type -
> >> get them in the habit, and whenever these other tools get support for
> >> the new fangle stuff, just add to authorized keys and migrate.  Just
> >> get them in the habit of thinking about keys instead.  I'm sure you
> >> know all this....
> >>
> >>
> >> Like most of the sane world, they are using keys.. with passwds.  I'm
> >> going the next step.
> >>
> >>
> >> I figured.  So here's my issue, and you can call it a double-edged
> >> sword if you want - one is storing private keys on client that lives
> >> in an extremely hostile environment - that is the vector that needs to
> >> be addressed.  Sure, remove keys and use passwords instead - then
> >> we're back to that debate.
> >>
> >> Double-edged? Maybe, but think about the use-case and attack vectors -
> >> that's all I'm saying.
> >>
> >>
> >> So this would be much easier if we could have IRC synchronized with
> >> talk@  ;)  (efnet #nycbug)
> >>
> >> Security and its related fields are often relative, and dependent upon
> >> adversaries in question.  And part of the relative and cumulative issue
> >> is with user behavior.
> >>
> >> Don't require a strict security policy on passwds and 12 other things
> >> overnight.  Once they figure out how to create and remember multiple
> >> long passwds, then you build off that, for instance.  So you have them
> >> comfortably using SSH, then keys.  And keys with passwds doesn't seem so
> >> initimidating.
> >>
> >> g
> >>
> >> _______________________________________________
> >> talk mailing list
> >> talk at lists.nycbug.org
> >> http://lists.nycbug.org/mailman/listinfo/talk
> >>
> >>
> >>
> >> _______________________________________________
> >> talk mailing list
> >> talk at lists.nycbug.org
> >> http://lists.nycbug.org/mailman/listinfo/talk
> >>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20130906/e7a6d074/attachment.html>


More information about the talk mailing list