[nycbug-talk] RSA/DSA for encryption: has it's time come?
George Rosamond
george at ceetonetechnology.com
Tue Aug 27 19:24:44 EDT 2013
Okan Demirmen:
> On Wed, Aug 7, 2013 at 9:58 AM, Isaac (.ike) Levy
> <ike at blackskyresearch.net> wrote:
>>
>> Hi All,
>>
>> I'd love to know what people's thoughts are on the state of older
>> RSA/DSA encryption, versus the future of eliptic curve ECDSA:
>>
>> http://www.technologyreview.com/news/517781/math-advances-raise-the-prospect-of-an-internet-security-crisis/
>>
>> --
>> A few years ago, a number of us were wary of the brand-spankin'-new ECC
>> crypto for use in SSH public keys. And then months later, there were
>> some ECDSA/ssh implementation problems exposed:
>>
>> http://marc.info/?l=openssh-unix-dev&m=130613765816780&w=2
>>
>> So, that was 2 years ago, ECDSA implementations are now no longer in
>> their infancy.
>>
>> --
>> What are people's thoughts on the practicality of starting to use ECDSA
>> keys?
>>
>> Has anyone here seen their use mandated over RSA/DSA in a business setting?
>> Has anyone just jumped into ECDSA bliss, and not looked back?
>
> Not that this might mean much, but I use them.
>
> As for policies in a business setting; I gather such technical
> policies are made by people like you, so it's likely up to what folks
> like you write in said policies :)
So I'm in the process of getting a client to pickup better practices
with SSH, and found out even OSX 10.7.5 doesn't support ecdsa.
AFAIK, Putty doesn't either yet, and I doubt SSH for Windows does either.
g
More information about the talk
mailing list