| Summary: | Incorrect claim about Commercial SSH's key length | ||
|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | D. Hugh Redelmeier <hugh> |
| Component: | Documentation | Assignee: | OpenSSH Bugzilla mailing list <openssh-bugs> |
| Status: | CLOSED FIXED | ||
| Severity: | trivial | CC: | hugh |
| Priority: | P2 | ||
| Version: | -current | ||
| Hardware: | All | ||
| OS: | All | ||
| URL: | http://www.openssh.com/faq.html#2.6 | ||
|
Description
D. Hugh Redelmeier
2001-12-10 18:54:59 AEDT
I agree "half as long" is a little misleading, "half as large" is closer to the truth. wrt the brute force argument, forcing the high-bit on would make the brute force attack harder as there would be more potential factors for a given number (remember these are RSA keys). Though I don't know the scaling for state of the art sieving. I do not see anything wrong there. A 1023-bit RSA key is a 1023-bit key, and not a 1024-bit key. A 1023-bit key is not a 512-bit key. Saying that it is "half as long as advertised" is saying that it is a 512-bit key. Not true. *** This bug has been marked as a duplicate of 132 *** This is not the same bug as 132. This is a bug in the FAQ. 132 is a bug/feature of real code. They are related, but not the same. the language has been modified to just say smaller than advertised. they are still half the size, its the base two logarithm that is one shorter. Mass change of RESOLVED bugs to CLOSED |